How to Generate and Use Your API Key

The Nobregas MySQL Panel provides an API key for programmatic access to your account. With an API key, you can integrate panel operations into scripts, CI/CD pipelines, and custom applications without logging in through the browser.

What Is an API Key?

An API key is a unique secret token tied to your account. It works like a password for automated systems — instead of entering your email and password, your script sends the API key with each request to authenticate.

Generating Your API Key

1. Log in at mysql.nobregas.org.
2. Click your avatar (user icon) in the top-right corner and select Profile.
3. Scroll to the API Key section.
4. Click the regenerate button (sync icon) next to the API key field.
5. A confirmation dialog appears warning that the current key will be invalidated.
6. Click Generate to confirm.
7. Your new API key is displayed. Copy it immediately — for security reasons, it may not be shown again in full.

If you already have an API key and generate a new one, the previous key is revoked and stops working. Only one active key exists at a time.

Using Your API Key

Include the API key in your HTTP requests to authenticate with the panel's API endpoints.

Example: cURL

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://mysql.nobregas.org/api/databases

Example: PHP

$ch = curl_init('https://mysql.nobregas.org/api/databases');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: Bearer YOUR_API_KEY'
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);

Example: Python

import requests
headers = {'Authorization': 'Bearer YOUR_API_KEY'}
response = requests.get('https://mysql.nobregas.org/api/databases', headers=headers)

Example: Node.js

const response = await fetch('https://mysql.nobregas.org/api/databases', {
  headers: { 'Authorization': 'Bearer YOUR_API_KEY' }
});

What You Can Do with the API

The API key grants the same permissions as your logged-in session:

• List databases and their details.
• Create and delete databases.
• Manage database users and privileges.
• Run queries.
• Create and manage backups.
• Manage IP whitelists.

Security Best Practices

Store Securely

• Never commit API keys to Git or any version control system.
• Use environment variables to store the key:

  export NOBREGAS_API_KEY="your_key_here"
  

• Use a secrets manager in production (AWS Secrets Manager, Vault, etc.).

Rotate Regularly

Generate a new API key periodically. This revokes the old key and issues a fresh one, limiting the window if a key was ever exposed.

Limit Exposure

• Only share the API key with systems that need it.
• Never include it in client-side code (browser JavaScript).
• Never send it over unencrypted channels (always use HTTPS).

Revoke If Compromised

If you suspect your API key has been leaked, immediately generate a new one. The old key is revoked instantly.

Regenerating Your API Key

To get a new key (and revoke the current one):

1. Go to Profile (via your avatar in the top-right corner) and scroll to the API Key section.
2. Click the regenerate button (sync icon) and confirm.
3. The old key is revoked and a new one is issued.
4. Update all scripts and applications with the new key.