Overview of rrwebCloud API Keys

You can manage your API keys in the rrweb Cloud dashboard.

publicAPIkey (for recording)

• generated after you sign up and create an account with rrwebCloud
• created for your organization, currently not associated with any website/domain name
• can be visible to your end users in the browser, in fact required in order to initiate a recording
• does not allow any reading of data or access recordings, only allows writing of new recording data from the browser
• can be revoked/rotated in your rrwebCloud dashboard
• does not expire

privateAPIKey

• generated after you sign up and create an account with rrwebCloud
• can be used to retrieve all recordings created against your account
• can be used to retrieve all events from a recording
• should not be exposed to your end users in the browser, e.g. to directly retrieve a replay
• can be used to request a per-replay presigned key

Presigned URLs

• generated server side from your privateAPIKey
• different URL and key used for each replay, can be sfely shared with third parties