Service Keys

You can create, edit and view service keys in the Garnet dashboard, and use them through the Garnet CLI.

Service keys provide granular, read-only access to scoped resources within a project. This ensures ease of configuration and an added layer of security.

Service keys are the recommended way of using Garnet in external platforms (such as CI tools, cloud services etc.) where machine-to-machine interaction is taking place. For human-to-machine authentication, you can use the garnet login functionality in the CLI.

Click on the Service Keys button from the left navigation bar and click New

Generate a new Service Key

A service key can be linked to a new project, or an existing one. The scope will determine that configurations created in a given project will only be accessed through the provided scope.

Note: you can only specify a single scope (e.g. staging) when using Service Keys.

Once you click on Save, a new service key will be automatically generated for you.

You can view the details by clicking the View button

Using a Service Key

Service keys allow the Garnet CLI to fetch the scoped configuration without using the interactive method of garnet login. You can use the garnet run command with a service key by specifying the --service-key flag.

garnet run --service-key=<your-service-key> -- <command>

The service key can also be passed as an environment variable called GARNET_SERVICE_KEY to be read by the CLI. For example to use the service key inside a Dockerfile, you can do: .

...
CMD garnet run --service-key=${GARNET_SERVICE_KEY} -- env

Revoking a Service Key

Service keys are non-expiring by nature, and can be revoked by deleting the appropriate Service Key in the Garnet Dashboard.