Learn about Stax API Tokens
API Tokens are security credentials that users and machines must use in order to access the Stax API. API Tokens are comprised of an Access Key and a Secret Key and can be given a name, role, description and tags. The role permissions for API Tokens can be found here.
In regard to API Tokens, Stax provides the below features:
- Key storage management
- Stax activity feed logging and audit trail
- API Token rotation Reminders
- Python SDK
Key storage management
The Access Key and Secret Key are provided to you upon creation of the API Token. At creation time, you will be given the option to either store the Keys yourself or let Stax store them for you in SSM.
Store the Keys yourself
You can then store the Access Key and Secret Key securely in your credential manager, just as you would for any other password. The Secret Key will only be provided to you once - upon creation of your API token - and will never be displayed again.
Let Stax store your Keys
Stax will encrypt and store your API Token Access Key and Secret Key in the AWS Systems Manager (SSM) Parameter Store within your Security Account. You can choose to bring your own KMS encryption key or use a Stax dedicated key. To retrieve your Secret Key, you will need to navigate to SSM in your Security Account. The Access Key and Secret Key are stored as Parameters and are titled
Stax activity feed logging and audit trail
Actions performed by API Tokens will appear within the Activity Feed and will also be captured as events and stored in StaxTrail. Furthermore, changes made to API Tokens via the Console or API will also be logged.
API Token rotation Reminders
The AWS CIS Foundations Benchmark encourages AWS users to rotate AWS Keys every 90 days. Stax has adopted a similar approach for API Tokens and recommends that customers generate new API Tokens every 90 days. The Stax console will display the age of your API Tokens and will indicate when an API Token's age is greater than 90 days so that customers can take action.
The Stax Python SDK allows you to leverage automation functionality within Stax via API Tokens so that you can increase the speed of your development and reduce inefficiencies. For more information regarding the SDK, see the Stax Python SDK overview page.