API keys are used when you need to call the API's directly.

You can define the permissions the API Key has access to via Scopes.

The scopes have only the permissions of the user's role.

So, if you are a read-only user, you can only give read-only access to your API Key. Read more about roles at Features > Security.

After you create the API Key, the system will present the key for the calls. This key is only presented once after creation for security reasons.