New Relic
New Relicmonitoring3 credentials
User API Key
new-relic / user-api-key
New Relic user API keys authenticate NerdGraph and other account APIs on behalf of a user. New Relic documents user keys as one of the New Relic API key types.
Looks like
exampleNRAK-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXLocation
NEW_RELIC_API_KEY, NEW_RELIC_USER_KEY, NEW_RELIC_API_KEY_US, NEW_RELIC_API_KEY_EUAPI-KeyNew Relic API key header used by NerdGraph and REST APIs
Terraform provider config, automation .env files, scripts, and deployment manifests
CI/CD variables, cloud secret managers, and monitoring automation secrets
observability automation, IaC, examples, and committed scripts
API client traces, Terraform logs, and CI output
Notes
User keys inherit the creating user's access and can query or modify New Relic resources according to account permissions.
Ingest License Key
new-relic / ingest-license-key
New Relic ingest and license keys are used by agents and telemetry senders to report data to New Relic. New Relic documents license and ingest keys as API key types for telemetry ingestion.
Looks like
exampleXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXLocation
NEW_RELIC_LICENSE_KEY, NEW_RELIC_INSERT_KEY, NEW_RELIC_INGEST_KEYnewrelic.yml, agent configs, Helm values, Docker Compose files, and deployment manifests
Kubernetes Secrets, CI/CD variables, cloud secret managers, and platform app config
agent setup scripts, examples, and accidentally committed telemetry config
agent startup logs, deployment output, and CI traces
Notes
Ingest keys allow sending telemetry to the associated account but usually do not grant query or account-management API access.
Browser Monitoring Key
new-relic / browser-license-key
New Relic browser monitoring uses browser-specific keys in client-side JavaScript configuration. New Relic documents browser keys among API key types used by New Relic telemetry products.
Looks like
exampleNRJS-XXXXXXXXXXXXXXXXLocation
browser agent config, frontend build settings, .env files, and application config
browser bundles, HTML templates, examples, and committed frontend config
frontend build output and browser agent diagnostics
Notes
Browser monitoring keys are deployed to client applications and should be triaged differently from user API keys or license keys.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.