An API key in Juan is a secure credential that lets external systems access your org’s data. This is ideal for developers integrating Juan with other tools.
Go to Settings > Access Management > API Keys
From the API Keys tab, you can generate new keys, assign roles, view masked keys, and manage access.
Juan securely generates, hashes, and stores API keys.
The full key is shown only once during creation and won’t be fully visible again. After that, only masked previews are visible for security.
Creating an API key also creates a linked shadow user with a placeholder email to represent the key in your organization’s permissions. Shadow users cannot access the UI.
Yes. You assign roles and permissions to API keys the same way you do for regular users. This ensures that keys only have access to the data and actions they need.
No. API key accounts are restricted from UI access. They cannot log in to your account and are intended strictly for API use.
In the API Keys tab, each key is shown with:
A masked preview of the key
The assigned role and permissions
The linked shadow user email
Creation date and created by info
Full key details are never retrievable again after creation. This keeps the key secure.
If the full key is lost, you’ll need to generate a new one. For security, Juan does not store or display the full key after it’s first shown.
Only users with User Access Management permission can create, edit, or delete API keys.
Deleting an API key also removes its linked user and organization user records.
The backend supports authentication using existing JWT tokens, which are securely passed through request headers.