Configure your API keys to only work for specific IP addresses or referrer URLs, limiting the damage if a key is stolen.
The Metrics API provides operational data via an admin/metrics endpoint, returning a structured JSON tree with metrics aggregated by service and subservice.
Unlike traditional web APIs (e.g., Stripe, AWS), Orion operates in a partially decentralized finance context. While the API key itself is a conventional secret, the actions it authorizes (trading, swapping) often interact with on-chain smart contracts. Thus, the API key does not directly control private keys — it authenticates with Orion’s relay servers, which then sign transactions using Orion’s own hot wallets or user-provided signatures. This separation reduces but does not eliminate risk. Orion Api Key
To ensure the secure use of Orion API Keys, follow these best practices:
Change your keys every 30 to 90 days to minimize exposure risks. Configure your API keys to only work for
SolarWinds typically utilizes standard user credentials or certificate-based authentication via the Orion SDK, but modern cloud-connected modules utilize API tokens. Log into your Orion Web Console as an administrator. Navigate to .
This error means your identity is verified, but you lack permission for the specific request. Check the access control list (ACL) for your API account. While the API key itself is a conventional
If you are experiencing authentication errors, consider the following steps:
Log into the Orion Developer Dashboard and instantly delete or revoke the compromised key. This cuts off all malicious access immediately.
Ensure there are no leading or trailing spaces when copying the key.
Locate the settings menu, often labeled as , API Management , or Integrations in the main navigation sidebar. Step 3: Create a New Secret Key