Introducing API Key v2: Simplified Authentication for StreamNative Cloud

At StreamNative, we continuously invest in improving the developer and operator experience across our cloud platform. As organizations scale their real-time data platforms, managing access securely and efficiently becomes increasingly important.

Today, we are excited to introduce API Key v2, a major improvement to authentication in StreamNative Cloud that simplifies credential management, strengthens security controls, and lays the foundation for future platform capabilities. API Key v2 will be available starting March 17.

The challenge with instance-scoped API keys

Until now, StreamNative Cloud has supported API Key v1, where API keys are scoped at the instance level. While this model works well for smaller environments, it can become operationally complex as organizations scale across multiple instances and clusters.

Customers told us they wanted:

• A simpler way to manage authentication across their organization
• Fewer credentials to manage as their environments grow
• Better alignment with RBAC-driven security models
• Expanded API key usage beyond just Pulsar clusters

API Key v2 was designed to address these needs.

Introducing API Key v2: Organization-level authentication

With API Key v2, API keys are no longer tied to a specific instance. Instead, they operate at the organization level, significantly simplifying authentication management.

Authorization continues to be enforced through role-based access control (RBAC), ensuring users and services still have precise, fine-grained permissions without requiring multiple instance-specific keys.

API Key v2 also expands API key authentication beyond the data plane.

Previously:

• API keys could only be used for Pulsar cluster authentication
• Accessing the StreamNative Cloud API (control plane) required OAuth

With API Key v2:

• API keys can be used for both Pulsar clusters and Cloud APIs
• This enables more consistent automation workflows
• It simplifies integration with platform tooling

Support for API key authentication with snctl and the Terraform provider for Cloud API access will be introduced in an upcoming release.

Key benefits of API Key v2

API Key v2 delivers several important improvements:

• Organization-level scope
  Manage authentication once at the organization level instead of per instance.
• Simplified access management
  Create and manage fewer credentials while maintaining strong access controls.
• Improved operational efficiency
  Reduce operational overhead when managing multiple clusters.
• Foundation for future enhancements
  Enables upcoming security, automation, and platform capabilities.

What this means for new organizations

Organizations created after March 17 will automatically use API Key v2. Any Pulsar clusters created after this date will also use API Key v2 and will no longer require instance-scoped API keys.

It is important to note:

• New API keys created under API Key v2 will not work with older Pulsar clusters until those clusters are upgraded.
• Existing clusters can continue using their current API keys until they are upgraded.

This approach ensures a smooth transition while maintaining backward compatibility.

What this means for existing organizations

Existing organizations currently using API Key v1 will continue to operate without disruption. All existing API keys will remain fully functional.

Over the coming months, StreamNative will gradually upgrade existing organizations to API Key v2. Customers will receive advance communication before their organization is upgraded.

The upgrade process includes:

• Enabling API Key v2 at the organization level
• Upgrading existing Pulsar clusters
• Ensuring continuity of existing API keys

This process is handled by StreamNative engineering and requires no action from customers.

Customers who want to accelerate their upgrade timeline can contact StreamNative Support.

After your organization is upgraded:

• New Pulsar clusters will automatically use API Key v2
• Existing API keys will continue to work across all clusters
• New API keys created after the upgrade will only work with upgraded clusters
• The StreamNative Cloud console will show which API key version your organization is using

Migration considerations

When planning your transition to API Key v2, keep the following in mind:

• Existing API keys will continue to function after migration
• Migration can be completed without service disruption
• New API keys created under API Key v2 will not work with clusters that have not yet been upgraded
• Older clusters must be upgraded to work with the new API Key v2 credentials

Building the foundation for the future

API Key v2 is an important step toward making StreamNative Cloud easier to operate at scale while strengthening security and improving automation capabilities. This enhancement reflects our ongoing commitment to simplifying platform operations while enabling enterprise-grade governance.

We will continue expanding authentication capabilities as part of our broader roadmap to support secure, AI-ready, and automation-driven data platforms.

Learn more

Learn more about API Key v2 authentication capabilities. If you are interested in upgrading or have questions, please contact StreamNative Support or your account team.

We appreciate your continued partnership and look forward to continuing to improve the security and usability of StreamNative Cloud.