API Keys are used to authenticate your application and control its access to the Chargebee API .
It is strongly advised to keep API keys secret, especially those that give full access to the API.
To create and configure the API keys, select Settings > Configure Chargebee > API Keys and Webhooks and then click on the API Keys tab. Any existing API keys are listed.
Note: API Keys for Test and Live sites are distinct from each other.
To create a new API key, click on the Add an API Key button, choose the type of key to create, give it a name and click Create Key.
Whenever an API call triggers an event in Chargebee, the name of the API key is seen in the value of the user attribute .
There are 3 main kinds of API keys that you can create:
A full access key is used to gain unrestricted and complete access to your Chargebee site. All the methods listed in the API Docs can be called using this type of key.
This key can only be used to create new subscriptions. You can extend the permissions of this key to more API operations as will be shown next.
The possible API calls for a regular Publishable Key are:
You can add the following access levels to a publishable key:
Allow Estimate API Calls
This gives a publishable key access to Estimates API .
Allow read-only access to Product Catalog
This gives a publishable key read-only access to the Plans and Addons API.
Note: To prevent misuse, coupons , coupon sets and coupon codes API are not accessible with this key.
All of the Publishable keys are also browser keys: they can be used to make API calls from web browsers. The other types of keys cannot be used as browser keys.
This type of key has a few sub-types, offering varying levels of read-only access to the Chargebee API.
Note: To prevent misuse, coupons , coupon sets and coupon codes are not accessible with this key.
A key can be disabled or deleted using the more options button on the card for the key.
Note: At least one full access key must be present for a site; you cannot delete all of them.
Like passwords, it is recommended that you periodically replace keys with new ones. This improves security. While at it, it is always best to first create the new API keys, update all the existing keys on your application with the new keys, and only then delete the old keys from Chargebee.
Some key type combinations have been discontinued since
Listed below are some examples of key type combinations that have been discontinued: