Skip to main content
No Result Found
Connect and get help from 7,000+ developers on our Discord community. Ask the CommunityAsk the Community

Manage access keys

Learn how to manage access keys to run your tests on BrowserStack.

BrowserStack APIs use HTTP Basic Auth for authentication and require BrowserStack’s account credentials in each request. It helps in identifying the account from which API requests are made. BrowserStack account credentials include username and access-key

You can find your username and access key in your Account > Settings.

Locate your username and access key under Settings

If you are logged-in you will be able to view your username and access key below as well:

username = YOUR_USERNAME
access-key = YOUR_ACCESS_KEY

Reset access keys

We provide you an access key when a user account is created. You may want to reset your BrowserStack access key in any of the following cases:

  • In order to comply with your organization’s internal key rotation policies.
  • When any members leave the organization.

This page shows four ways of obtaining a new BrowserStack access key:

  1. Via Command Prompt or Terminal
  2. Through an API Client (such as Postman)
  3. Rotate your access key from the dashboard
  4. Automatically with an auto-rotation policy

Rotate your access key from the dashboard

Rotate your access key to generate a new key from your profile:

Log in to your BrowserStack account.

Click the User Profile icon in the top-right corner, then select Account & Profile and click My Profile.

In the Authentication & Security section, click the rotate icon next to Access Key.

The rotate icon next to the Access Key field in the Authentication and Security section

Click Confirm to generate a new access key.

A success message confirms that the access key is rotated. Use the copy icon to copy the new key and update it in your integrations.

  • Rotating the access key invalidates the existing key. Any API or integration that uses the old access key stops functioning until you update it with the new key.
  • If the auto-rotation policy is enabled, the Key validity status field shows when your access key auto-rotates next. You can manually rotate the key before this date to update your integrations.

Auto-rotate access key

Auto-rotation automatically replaces user access keys and service account access keys with new credentials after a defined duration. This helps you comply with your organization’s key rotation policies without manually resetting your keys. However, we recommend that you manually rotate and update your integrations with the latest access keys.

By default, access keys never auto-rotate. A Group Owner or a Group Admin with authentication permissions can enable the auto-rotation policy for the organization.

Enable the auto-rotation policy

To configure auto-rotation policy for your organization:

Go to Settings > Permissions and expand Authentication & Security Settings.

Under Access key Auto-rotation policy, select Enable auto-rotation policy.

From the Auto rotate Access keys every list, select a rotation duration. You can choose 30, 60, 90, 180, or 365 days.

Select Save.

The Access key Auto-rotation policy enabled with the rotation duration list expanded.

In the Confirm Rotation Policy dialog, review the rotation policy details and select Save. All user access keys and service account keys auto-rotate after the selected duration if you don’t rotate them manually before this date.

The Confirm Rotation Policy dialog explaining that keys auto-rotate after the selected duration if not rotated manually.

Update the rotation duration

To change the rotation duration:

Go to Access key Auto-rotation policy and select a new duration from the Auto rotate Access keys every list.

Select Save.

In the Confirm Rotation Policy dialog, select Save. The updated policy applies only to newly created or rotated keys.

The Confirm Rotation Policy dialog confirming that the updated duration applies only to newly created or rotated keys.

Disable the auto-rotation policy

To turn off auto-rotation policy:

Go to Access key Auto-rotation policy and clear Enable auto-rotation policy.

Select Save.

In the Confirm Rotation Policy dialog, select Save. After you disable the policy, user access keys and service account keys no longer expire and must be rotated manually.

The Confirm Rotation Policy dialog warning that keys have no expiry once auto-rotation is disabled.

View the rotation schedule

After auto-rotation is enabled, you can view the rotation schedule under Settings > Product:

  • In the Local Testing section, the Key validity status field shows the date and time your access key rotates next.
  • In the Service Accounts table, the Key Rotation Schedule column shows the next rotation date for each service account key. The Status column shows whether the key is active or expiring soon.

The Key validity status field and Service Accounts table showing the next auto-rotation date for each key.

We send you an email 14 days before your access key is rotated. We recommend that you rotate the key manually and update it in your dependent integrations before this date. Otherwise, we rotate the key automatically on the scheduled date.

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked





Thank you for your valuable feedback

Is this page helping you?

Yes
No

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked





Thank you for your valuable feedback!

Talk to an Expert
Download Copy Check Circle