> ## Documentation Index
> Fetch the complete documentation index at: https://goldrush.dev/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Service Keys for the Pipeline REST API

*Published April 30, 2026*

![Service Keys for the Pipeline REST API](https://www.datocms-assets.com/86369/1780000651-08_service_keys_for_the_pipeline_rest_api.jpg)

Pipelines can now be created, updated, and deleted programmatically using a new credential type: **ServiceKeys**.

Regular GoldRush API keys are read-only and intentionally rejected by the Pipeline REST API. ServiceKeys are a separate, mutation-scoped credential issued from the Platform - so the API key embedded in your app or shared with teammates can never accidentally provision, mutate, or tear down a pipeline.

## What's new

* **CRUD over HTTP** - list, create, get, update, replace, and delete pipelines without opening the Platform UI.
* **Status, logs, metrics, destination-health** - query pipeline runtime state from CI, dashboards, or your own control plane.
* **Per-environment isolation** - issue separate ServiceKeys for dev, staging, prod, and each CI system to keep blast radius small.
* **Immediate revocation** - revoking a key returns `401` on the next request; rotate without downtime by overlapping a new key.
* **Group-scoped** - ServiceKeys inherit the group of the user who created them; pipelines in other groups remain invisible.

Send the key as a bearer token on every Pipeline REST request:

```bash theme={null}
curl https://api.covalenthq.com/platform/pipeline-api/ \
  -H "Authorization: Bearer $GOLDRUSH_SERVICE_KEY"
```

[Learn more](https://goldrush.dev/docs/goldrush-pipeline-api/service-keys)
