An API key is also required for using Rancher CLI.

API Keys are composed of four components:

  • Endpoint: This is the IP address and path that other applications use to send requests to the Rancher API.
  • Access Key: The token’s username.
  • Bearer Token: The token username and password concatenated together. Use this string for applications that prompt you for one authentication string.

  1. Select User Avatar > API & Keys from the User Settings menu in the upper-right.

  2. Click Add Key.

  3. The API key won’t be valid after expiration. Shorter expiration periods are more secure.

    Expiration period will be bound by . If it exceeds the max-ttl, API key will be created with max-ttl as the expiration period.

    A scope will limit the API key so that it will only work against the Kubernetes API of the specified cluster. If the cluster is configured with an Authorized Cluster Endpoint, you will be able to use a scoped token directly against the cluster’s API without proxying through the Rancher server. See Authorized Cluster Endpoints for more information.

  4. Click Create.

    Use the Bearer Token to authenticate with Rancher CLI.

  • Enter your API key information into the application that will send requests to the Rancher API.
  • Learn more about the Rancher endpoints and parameters by selecting View in API for an object in the Rancher UI.
  • API keys are used for API calls and .

If you need to revoke an API key, delete it. You should delete API keys:

  • That may have been compromised.
  • That have expired.

To delete an API, select the stale key and click Delete.