Skip to main content

API Keys

API keys are used to authenticate requests to the Manage.Management API.

Generating an API Key

1

Navigate to Settings

Go to your building dashboard and click Settings
2

Open API Settings

Select the API tab
3

Generate Key

Click Generate API Key and give it a descriptive name
4

Copy Key

Copy the key immediately - it won’t be shown again
Keep your API keys secure. Never commit them to version control or share them publicly.

Using Your API Key

Include your API key in the Authorization header: 
curl -X GET "https://api.manage.management/v1/buildings" \
  -H "Authorization: Bearer mm_live_abc123..."

Key Types

TypePrefixUse Case
Livemm_live_Production access
Testmm_test_Development and testing

Key Permissions

API keys can be scoped to specific permissions:
  • Read - View data only
  • Write - Create and update data
  • Delete - Remove data
  • Admin - Full access including settings

Revoking Keys

To revoke an API key:
  1. Go to Settings > API
  2. Find the key you want to revoke
  3. Click Revoke
  4. Confirm the action
Revoked keys stop working immediately. Any applications using the key will receive 401 errors.

Best Practices

Use separate keys for different applications
Rotate keys regularly (every 90 days recommended)
Use the minimum permissions required
Store keys in environment variables, not code
Monitor key usage for unusual activity