RIPE Atlas Documentation

API Keys

API keys are the preferred method for authenticating with the RIPE Atlas API. They provide fine-grained access control and can be managed independently of your user session.

Creating an API Key

  1. Sign in to your RIPE NCC Access account. If you do not have one, you can register for free.
  2. Go to the API Keys management page.
  3. Create a new key, assigning the specific permissions it needs.

Key Visibility

The full API key is only displayed once, immediately after creation. Make sure to copy and store it securely - you will not be able to view it again.

If you lose an API key or suspect it has been compromised, you can "rekey it" -- open up the "Update API Key" dialog (click the "edit" button in the list) and use "Regenerate UUID" button. This replaces the UUID of the key with a newly generated one while preserving the permissions. You can also delete it and create a new one at any time from the API Keys management page. This is more work but a low-friction operation - there is no limit on how many keys you can create.

You can create multiple keys with different permission sets for different use cases. Keys can also be shared with other users.

Using an API Key

Pass your API key in the Authorization header with the Key scheme:

shell
curl -H "Authorization: Key YOUR-KEY" \
  "https://atlas.ripe.net/api/v2/measurements/"

Keep Your Keys Secret

An API key alone is sufficient to elevate permissions. Anyone who has your key can perform actions on your behalf. Treat API keys like passwords — never commit them to source control or share them in public channels.

Permissions

When you create a key, you assign it one or more permissions. The permissions available to a key are limited by the permissions of the key's creator — you cannot create a key with more permissions than your own account has.

Error Responses

The API returns HTTP 403 Forbidden when:

  • The provided key does not have the required permission for the requested action
  • The key UUID does not exist
  • The key has been disabled by its owner
  • The current time is outside the key's configured valid time range