# API Management

**Accessing the Settings:**

In Settings, you now have a new panel of options to control which endpoints in the API are available to the program or user accessing it.&#x20;

<figure><img src="/files/pz9kLXhwkC9nTdTd7CMS" alt=""><figcaption></figcaption></figure>

&#x20;**Understanding Endpoint Control:**

Within the API permissions panel, you'll find a list of endpoints that the StealthTestAPI provides. Endpoints are specific URLs (or URIs) that StealthTest exposes for interaction.

<figure><img src="/files/Hs9qIelnwdmXKwj0Zkda" alt=""><figcaption></figcaption></figure>

**Controlling Endpoint Access:**

* **Immediate Updates:** Any changes made to endpoint access are applied immediately without the need to regenerate the API Key. This ensures that your modifications take effect promptly.
* **Minimum Endpoint Requirement:** It's mandatory to have at least 1 endpoint always available. This ensures that if the API key is active there is 1 available endpoint.
* **Disabling Endpoints:** If you wish to restrict access to specific functionalities, you can disable corresponding endpoints. Disabling an endpoint means that it won't be accessible to any program or user.

**Disabling the API Key (Optional):**

* **Complete Access Restriction:** If you want to completely disable API access, you can choose to disable the API Key. This action revokes all access privileges, rendering the API inaccessible until re-enabled.

**Best Practices for API Permission Management:**

* **Regular Review:** Periodically review your API endpoints and access controls. Ensure that the permissions align with your current security policies and requirements.
* **Least Privilege Principle:** Follow the principle of least privilege, granting only the permissions necessary for specific tasks. Avoid giving unnecessary access to endpoints.
* **Audit Trails (coming soon):** Maintain logs and audit trails for API permission changes. This helps in tracking modifications and understanding who made the changes and when.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.stealthtest.com/stealthtest-api/api-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.