Key provides the ability to improve Drupal security by managing sensitive keys (such as API and encryption keys). It gives site administrators the ability to define how and where keys are stored, which allows the option of a high level of security and allows sites to meet regulatory or compliance requirements.

Examples of the types of keys that could be managed with Key are:

  • An API key for connecting to an external service, such as PayPal, MailChimp, Authorize.net, UPS, an SMTP mail server, or Amazon Web Services
  • A key used for encrypting data using the encrypt module

Managing keys

Key provides an administration page where users with the "administer keys" permission can add, edit, and delete keys.

By using key, administrators can choose to store their keys in the following locations:

  • Configuration (development only): The configuration key provider stores the key in Drupal’s database
  • File (Better): The file key provider allows a key to be stored in a file, preferably outside of the webroot where it cannot be publicly accessed.
  • External (Best): Use a key management solution external to Drupal. This allows your site to meet security best practices and compliance requirements. Lockr and Townsend Security’s Alliance Key Manager are currently two options with existing modules, however Key is extensible for any key storage provider.

Drupal 7 Documentation

Drupal 8 Documentation

Video Tutorial

Supporting organizations: 
Sponsored initial development and ongoing maintenance
Ongoing maintenance

Project Information

Downloads