docs: DOC-1362 (#3929)

* docs: DOC-1362 * docs: more updates * docs: vale fix * docs: feedback apply suggestions from code review Co-authored-by: caroldelwing <[email protected]> * ci: auto-formatting prettier issues * docs: feedback * docs: feedback changes --------- Co-authored-by: caroldelwing <[email protected]> Co-authored-by: karl-cardenas-coding <[email protected]>
spectrocloud · Sep 17, 2024 · 8c9cbab · 8c9cbab
1 parent 74434c5
commit 8c9cbab
Show file tree

Hide file tree

Showing 4 changed files with 378 additions and 3 deletions.
diff --git a/docs/docs-content/automation/palette-sdk/palette-sdk.md b/docs/docs-content/automation/palette-sdk/palette-sdk.md
@@ -23,6 +23,10 @@ The snippet below showcases an example of how to initialize the Palette client u
 methods.
 
 ```go
+  import (
+    "github.com/spectrocloud/palette-sdk-go/client"
+  )
+
   pc := client.New(
       client.WithPaletteURI(host),
       client.WithAPIKey(apiKey),

diff --git a/docs/docs-content/user-management/authentication/api-key/api-key.md b/docs/docs-content/user-management/authentication/api-key/api-key.md
@@ -17,6 +17,43 @@ revoke, and delete API keys for any user within the tenant. Each of these action
 following resources. Refer to the [Tenant Admin API Key Management](../../../tenant-settings/api-key-management.md)
 section for more information.
 
+## Permissions
+
+API keys are associated with the user who creates them. The permissions associated with the API key are the same as
+those of the user who created the key. If the user has the necessary permissions to perform an action, then the user's
+API key can be used to perform the same action programmatically.
+
+The API key permissions automatically reflect any changes to the user's permissions. If the user belongs to an OIDC/SAML
+group, any changes to the external user's group membership are reflected the next time the user logs in.
+
+## Limitations
+
+Palette API keys that belong to Palette users removed from the organization through OIDC/SAML are not automatically
+removed. We recommend that you remove these keys to ensure that they are no longer used. You can programmatically remove
+the API keys using the REST API or the Palette SDK. Check out the [Delete API Key](./delete-api-key.md) page for more
+information on how to delete an API key programmatically.
+
+:::tip
+
+Tenant administrators can view all API keys created for the tenant. Users are limited to actions for their own API keys.
+To learn more about the API key management tasks you can perform as a tenant administrator, refer to the
+[Tenant API Key Management](../../../tenant-settings/api-key-management.md) page.
+
+:::
+
+## Best Practices
+
+The following are best practices we recommend for managing Palette API keys:
+
+- Set an expiration date for API keys to ensure that they are not used indefinitely. Preferably, set the expiration date
+  to a short duration, such as 30 days, and renew the key as needed.
+
+- Store API keys securely. Do not expose API keys in public repositories or share them with unauthorized users. Use
+  secure storage mechanisms, such as a password manager, to store API keys.
+
+- Regularly review and audit API keys to ensure that they are still required. Remove any API keys that are no longer
+  needed.
+
 ## Resources
 
 - [Tenant Admin API Key Management](../../../tenant-settings/api-key-management.md)