# Backoffice Users and API Keys In this article you will learn how to add Users to the backoffice and how to manage the API Keys. ## The Backoffice User A Backoffice user can be added in two ways. * Added from the portal from the Team Management section, or * From the Users Section in the Backoffice A feature that is unique for Umbraco Heartcore is the option to create an API Key for specific users. The API Key can be created from the API Key section of the User page. This page can be found under the Users Section in the top-left navigation of the backoffice. ![User Page in the Backoffice](/files/S1VjnBMA2SBtW2CZOk7Z) ## API Keys By default, the Content Delivery API is public, if you would like to protect it you can do so in the "Settings" section and "Headless" tree. ![Protect API](/files/axY5yXKUFSKKRjBKilj8) If your Content Delivery API is protected or you want to use Content Management APIs, your user will need to have an API Key assigned. When you have navigated to the Users section mentioned above you can create the API Key by clicking the "Create API Key" button. A modal will pop up where you enter the name of the key and set a date for when it should expire. If there is no expire data, the API Key will be valid until you delete it manually. ![Creating the API Key](/files/fqWFiXLA5136rUZ7AmTq) Once the API Key has been created you will see the actual key and two examples on how to use the key with the Authorization header and an API-Key header. ![The created API Key](/files/ULYUlLmpCXpmdoUjzOnH) You are able to see a list of all your created API Keys and all relevant information. You are also able to revoke a generated key. ![List of all APIs](/files/oxPHr5j3dUo3SYFCRWuw) {% embed url="" %} Umbraco Heartcore: API keys {% endembed %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.umbraco.com/umbraco-heartcore/getting-started/backoffice-users-and-api-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.