Slash API Keys Admin vs. Client

I kept on getting a forbidden response when trying to access Slash DQL query endpoint with a previous created API key.

Come to find out our API keys were all erased somehow along the way. Don’t know if we did this somehow or if it happened in an update?

Anyways, went to generate a new API key for Slash and I have to pick between either “Admin” or “Client”.

Looked at the documentation and found no reference to what key does what.

https://dgraph.io/docs/slash-graphql/admin/authentication/

Can anyone shed light on what are the difference between the Admin and Client created API keys.

I was thinking maybe the difference was ability to update the DQL schema from the alter endpoint, but I am running in GraphQL mode so that is not even available.

Hey @amaster507, all the previously created api-keys are considered as the admin api-keys. Need to check why you were not able to access the DQL query endpoint and how your API keys got erased.

A client api-key is for operations like query, mutate or commit and an admin api-key is for admin operations like drop-data, destroy-backend, update-schema and client operations as well.

@Neeraj I thought you could use admin keys for DQL as well?

Yes, we can use the admin key for DQL operations as well.

Reference to the usage of API Key and type of roles it has.