Map API Keys

Public Access Control

API Key Management

Manage public embed access keys — active, paused, and scoped by origin.

Back To Overview

Active 6 keys are serving traffic.

These are the production-facing credentials that keep public GeoJSON delivery running.

Paused 1 key is held back.

Paused keys preserve auditability while giving operators a clean containment path for unused or risky access.

Reveal policy Plaintext is a one-time action.

Secret exposure should happen only during a secure handoff, never as a convenience workflow.

Active Keys

Currently serving public GeoJSON access

Paused Keys

Safe to audit or retire

Origin Scope

Distinct allowed deployment origins

Reveal Policy

Once

Plaintext is shown only on explicit request

Public Feed Keys

The table is the source of truth for key state, origin scope, and remediation actions.

Name	Scope	Allowed origins	Created	Status	Action

Governance Rules

This module exists to reduce exposure risk, not just to mint new keys.

Create Scope by intent

Keys should map to a deployment surface with a clear name, scope, and origin list from day one.

Reveal Show only once

Plaintext exposure is an exception. Operators should reveal only during secure handoff or deployment.

Pause Contain quickly

Pausing is the fast response path for staging leaks, scope drift, or unused deployments.