I am working with Azure API Management and wondering what is the difference between primary and secondary subscription keys. I can access the API using both so, what is the exact difference?
9
votes
1 Answers
8
votes
The goal of the primary and secondary keys is to allow for "rolling" upgrades, you can have a client with both, if one isn't working the other key can be used.
This allows for the scenario to change the primary key (regenerate) and the other party can still use the secondary keys.
After the primary is regenerated, you can follow the same scenario with the secondary key to regenerate that.
The other scenario is for granting temporary access, you grant the secondary key to another party, and regenerate the key to revoke their access: https://blogs.msdn.microsoft.com/mast/2013/11/06/why-does-an-azure-storage-account-have-two-access-keys/
