Add more documentation about API vs. App keys #118

Mr0grog · 2024-06-22T01:42:03Z

Issue #115 demonstrated how easy it is to get confused about API vs. application keys, so I’ve added some more documentation here about the difference as well as links to the official documentation about it (https://docs.datadoghq.com/account_management/api-app-keys/).

I’ve also added a custom AuthorizationError class with a more explanatory message (also with links to the docs), so people should see something more helpful in their console or logs, too. If you log the full object, you’ll see something like:

AuthorizationError: Your Datadog API key is not authorized to send metrics. Check to make sure the DATADOG_API_KEY environment variable or the `apiKey` option is set to a valid API key for your Datadog account, and that it is not an *application* key. For more, see: https://docs.datadoghq.com/account_management/api-app-keys/
    at /Users/rbrackett/Dev/node-datadog-metrics/lib/reporters.js:96:29
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 403,
  [cause]: ApiException [Error]: HTTP-Code: 403
  Message: {"errors":["Forbidden"],"additionalProperties":{"status":"error","code":403,"statuspage":"http://status.datadoghq.com","twitter":"http://twitter.com/datadogops","email":"[email protected]"}}
      at MetricsApiResponseProcessor.<anonymous> (/Users/rbrackett/Dev/node-datadog-metrics/node_modules/@datadog/datadog-api-client/dist/packages/datadog-api-client-v1/apis/MetricsApi.js:458:23)
      at Generator.next (<anonymous>)
      at fulfilled (/Users/rbrackett/Dev/node-datadog-metrics/node_modules/@datadog/datadog-api-client/dist/packages/datadog-api-client-v1/apis/MetricsApi.js:5:58)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
    code: 403,
    body: APIErrorResponse {
      errors: [Array],
      additionalProperties: [Object]
    }
  }
}

I asked on Datadog’s Slack to see if there was any known way of differentiating between API and Application keys (so we could have a special case that tells someone they’ve mixed them up), but never got any responses. 🤷

As a side note, I kind of think we should remove the appKey option altogether. There are things it could be useful for (e.g. some fancy possibilities in #33), it doesn’t actually get used for anything right now, so I imagine it mostly just adds confusion.

Issue #115 demonstrated how easy it is to get confused about API vs. application keys, so I’ve added some more documentation here about the difference as well as links to the official documentation about it (https://docs.datadoghq.com/account_management/api-app-keys/). I’ve also added a custom `AuthorizationError` class with a more explanatory message (also with links to the docs), so people should see something more helpful in their console or logs, too.

Mr0grog · 2024-06-25T00:12:57Z

FYI: I'll merge this tomorrow morning (June 24) U.S. Pacific time if there's no feedback.

Mr0grog requested a review from ErikBoesen June 22, 2024 01:42

Mr0grog added 2 commits June 21, 2024 18:44

Make the TypeScript compiler happy

fdfcf18

Add release note

a7ea039

Mr0grog merged commit 26e7cd2 into main Jun 25, 2024
6 checks passed

Mr0grog deleted the 115-app-keys-api-keys-who-knows-whats-what branch June 25, 2024 15:39

Mr0grog mentioned this pull request Nov 11, 2024

Drop support for application keys #127

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add more documentation about API vs. App keys #118

Add more documentation about API vs. App keys #118

Mr0grog commented Jun 22, 2024

Mr0grog commented Jun 25, 2024

Add more documentation about API vs. App keys #118

Add more documentation about API vs. App keys #118

Conversation

Mr0grog commented Jun 22, 2024

Mr0grog commented Jun 25, 2024