API Keys
Programmatic access tokens for the Planna REST API. Treat keys like passwords — they grant full access to the scopes they hold.
Active keys
3 keys can authenticate API requests.
Production Server
pk_live_8f2a••••••••••••tasks:readtasks:writeprojects:readprojects:write
Created Jan 4, 2026 Last used 6h ago
Staging CI
pk_test_2c91••••••••••••tasks:readprojects:read
Created Mar 5, 2026 Last used 1d ago
Analytics Pipeline
pk_live_a1b9••••••••••••analytics:read
Created Apr 4, 2026 Last used 6h ago
Revoked keys
Kept for audit history. No longer functional.
Legacy Webhook
pk_live_77de••••API best practices
- Use the narrowest scopes possible — never request write access you don't need.
- Rotate keys every 90 days, and immediately if a key leaks.
- Store keys in a secrets manager (Vault, AWS Secrets Manager, Doppler).
- Never commit keys to Git. Use environment variables.