colunrn is your single control plane for the entire API key lifecycle — from creation and fine-grained scoping, through scheduled rotation and instant revocation, to tamper-proof audit logs. One dashboard, zero blind spots, complete confidence for every engineer on your team.
colunrn is built for teams who treat API key hygiene as a first-class engineering concern. These eight capabilities work together to give you full, auditable command of your credential surface.
Create API keys with precisely defined permission sets, restricting access to only the endpoints and resources each consumer needs. Reduce blast radius by ensuring no key ever carries more privilege than its intended function. Scoped keys integrate directly with your existing service definitions without any code changes.
View docsDefine rotation intervals — hourly, daily, weekly, or custom cron expressions — and colunrn handles key lifecycle transitions with zero downtime. The scheduler issues a new key, validates it, and gracefully retires the old one within a configurable overlap window. Rotation history is fully auditable and exportable.
View docsAssign roles at the team, project, or environment level with fine-grained permissions that map to real operational responsibilities. Admins, developers, auditors, and read-only observers each get exactly the access their workflow demands. Permission changes propagate instantly across all connected services without restarts.
View docsEvery key creation, access attempt, rotation, and revocation is captured in an immutable, tamper-evident log streamed in real time to your dashboard. Filter by user, key, environment, or time range to reconstruct any incident with full context. Export logs as structured JSON or CSV for SIEM and compliance toolchains.
View docsSubscribe to structured webhook payloads for every key lifecycle event — created, rotated, expiring, expired, or revoked — and react instantly in your own systems. Payloads are signed with HMAC-SHA256 so your endpoint can verify authenticity before acting. Retry logic, delivery logs, and dead-letter queues are included out of the box.
View docsOrganise keys into isolated namespaces for development, staging, canary, and production so there's no risk of cross-environment credential leakage. Namespace-level policies enforce different rotation schedules, expiry rules, and access controls appropriate for each stage. Cloning a namespace configuration to a new environment takes a single API call.
View docsConnect colunrn to your identity provider via SAML 2.0 or OIDC and enforce single sign-on across your entire engineering organisation. SCIM-based directory sync keeps user provisioning and deprovisioning automatic — a removed employee instantly loses all key access. Works with Okta, Azure AD, Google Workspace, and any standards-compliant IdP.
View docsInstantly invalidate any key — or an entire namespace — from the dashboard, CLI, or API with a single action that propagates globally in under 200ms. Revocation is irreversible and logged, ensuring no replay or reuse is possible after the action is confirmed. Emergency revocation mode lets on-call engineers act without navigating permission prompts.
View docsAll features are available on every plan.
No capability gating. Higher tiers unlock higher limits, not locked features.
colunrn connects with the tools your team already relies on. No workflow overhaul — just seamless, secure credential sync across every layer of your infrastructure.
Inject scoped API keys directly into your CI/CD workflows. colunrn rotates secrets automatically so your pipelines always use valid, least-privilege credentials.
Sync environment variables to your Vercel projects at deploy time. Scope keys per environment — preview, staging, or production — without ever touching the dashboard manually.
Mirror your colunrn vault to AWS Secrets Manager in real time. Lambda functions and ECS tasks pull fresh credentials on every invocation — zero stale secrets.
Stream key lifecycle events — creation, rotation, revocation — into Datadog as custom metrics and logs. Build dashboards and alerts around your credential health instantly.
Receive real-time alerts in your team's Slack channels when keys are rotated, flagged for unusual usage, or approaching their expiration window. Stay informed without leaving Slack.
Escalate critical credential incidents — unexpected revocations, failed rotations, or policy violations — directly to your on-call engineer via PagerDuty. Mean time to resolution, minimised.
Don't see your tool?
colunrn ships a REST API and webhooks — connect anything in minutes, with or without a native integration.
API keys, fully under control. Manage, rotate, audit, and secure every key across your infrastructure from one unified platform.
Get product updates, security advisories, and developer tips delivered to your inbox. No spam, unsubscribe anytime.
By subscribing you agree to our Privacy Policy.
© 2026 colunrn Inc. All rights reserved.