Practise the standard verbs for scoping and managing API keys safely.
0 / 5 completed
1 / 5
Fill in: 'We ___ every API key to the narrowest set of permissions the integration actually needs.'
We 'scope a key' — the standard, established collocation for restricting its permissions. The other options aren't the recognised term here.
2 / 5
Fill in: 'A key issued with full account access can ___ far more damage than intended if it ever leaks.'
We say an over-privileged key will 'cause' damage — the standard collocation for the resulting risk. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ a distinct key per integration so a single leak never compromises every connected system at once.'
We 'issue a key' — the standard, established collocation for handing one out to a client. The other options aren't the recognised term here.
4 / 5
Fill in: 'We ___ key usage against its declared scope so an unexpected call pattern gets flagged automatically.'
We 'audit' usage — the standard, established security collocation for reviewing behaviour against policy. The other options aren't the recognised term here.
5 / 5
Fill in: 'We ___ an unused key after a fixed period of inactivity instead of leaving it valid forever.'
We 'revoke a key' — the standard, established collocation for invalidating credentials. The other options aren't the recognised term here.