API key just for a specific environment?

Hello,

Is there a way to bind an API key to a certain environment?
Say that we have two environment - staging & production, both in Dato, as well as on our backend server.

I know we can create/have multiple API keys in a certain environment, but currently it looks like that the API keys are the same across multiple environments, so Iā€™m assuming the API key our backend server uses can only fetch Dato content from a primary environment?

If this is not possible, what would be the best way to have staging & production environments in Dato? Is the only option to duplicate the project?

Thank you for time,

Mauro

Hello @benec

The best way to do it is to set the permission of the role that the Token inherits permissions from, to only allow it to interact with sandbox environments.

Then, create a token that inherits that role:

image

This only allows for you to create tokens that modify either the primary environment only, or only sandbox environments, if you want more granularity, perhaps splitting the project into multiple projects would be a better idea