Access keys are generated by an individual user in the Sumo Logic depending on the permissions set for their account; however, administrators in the account can deactivate or delete all keys generated across the account. Access keys are associated with the user who generated them; if a user is disabled, keys associated with that user no longer work. When a user is removed from the account, their keys no longer authenticate.
Access keys are used in the following ways:
- To securely register new Collectors. When installing a Collector, use the Sumo Logic Web Application to generate unique access keys consistent with your organization's policies. You can generate one set and use those credentials on all Collectors, or generate a new set for each Collector, depending on how your group prefers to manage this process. The keys are used only for installation, so if a key is deleted after a Collector has been set up, the Collector isn't affected.
- To access the Sumo Logic APIs. Access keys can be used with the Sumo Logic Search API and Collector Management API. See API Authentication for details.
Managing access keys may also be set as a user Role Capability.
Access keys can be found in two places, the Preferences page and the Security page. The Preferences page shows your user's access keys and allows you to manage them. The Security page has a tab called Access Keys that shows all the access keys in your organization and allows you to manage them.
Generate Access Keys
You can generate access keys for your user on your Preferences page and your Security page. The page you use does not have an effect.
- In the Sumo Logic Web Application click your name in the left nav and open the Preferences page.
- Next to My Access Keys, click the + icon to Add.
- In the Sumo Logic menu navigate to Administration > Security > Access Keys.
- At the top right of the table, click the + icon to Add.
The Create a Sumo Logic Access Key window displays:
- In the Access Key Label text box, type a name for the Access Key. Then click Generate Key.
- When the new key and ID is displayed, copy the credentials right away and paste them in a safe place.
Once you dismiss this screen you won't have full access to the key/ID again.
Manage Access Keys
Keys that you generated can be found on your Preferences page. Administrators in an account can deactivate, reactivate, or delete all keys in an organization through the Administration > Security > Access Keys page.
Deleting or deactivating an Access ID and Key used to register a Collector will not stop Collectors from functioning. The credentials are only used at the time of installation as part of the initial connection and registration of the Collector with the service.
Deactivate an Access Key
Deactivating a key keeps the key credentials in your account, but renders the key useless. You can reactivate a key at any time to begin using it again.
- Click Active in the Status column.
- The status changes to Inactive.
Reactivate an Access Key
- Click Inactive in the Status column.
- The status changes to Active.
Delete an Access Key
- Click Delete.
- Confirm the deletion. The key is immediately removed, and will no longer work.