Counter API Keys
Issue scoped API keys that can read or modify a single counter programmatically.
TapTally lets you tally programmatically — send taps to a counter from your website, application, or scripts. To do that safely, each counter can issue its own counter-specific API keys: keys that are restricted to that one counter and nothing else. If a key leaks, the blast radius is a single counter.
Generating a key
Open a counter's detail page and expand the Counter API Keys section (it shows a count of existing keys). Select Generate Key to open the dialog.
Choose the permissions the key should have:
| Permission | Scope | Allows |
|---|---|---|
| Read counter value | read:counters |
Fetching the counter's current value. |
| Modify counter value | write:counters |
Incrementing / changing the counter. |
At least one permission must be selected before the Generate button enables. A key can carry both.
Saving the key
After generation, TapTally shows the new key once in a green alert with show/hide and copy buttons.
Save it now — you won't be able to see it again. TapTally only stores a reference to the key, never the secret itself. If you lose it, generate a new one and delete the old.
Managing keys
Existing keys are listed under the same section. Each entry shows:
- The key's id (in monospace).
- An Active / Inactive status chip.
- The scopes it was granted.
- The date it was created.
📷 Screenshot: The counter's list of API keys showing ids, status chips, and scopes.
Found an issue in the docs? Open an issue on GitHub.