Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

My dev team is saying that the API key they are using is returning insufficient permissions errors when trying to do routine things like add an identity.
They forwarded some instructions on creating a key with sufficient permissions, but in my account there's literally only the option to give the key a name and an expiry date, absolutely no way to set permissions when creating it.
If I then try to open up the options for the key after creation the only option is to delete it.
How do you actually manage key permissions?

API keys do not allow specifying permissions yet. Could you get more details on the error they're seeing?