Enhancing Security with User-Specific Access Keys for DigitalOcean Functions

Enhancing Security with User-Specific Access Keys for DigitalOcean Functions | DigitalOcean

© 2026 DigitalOcean, LLC. Sitemap .

Dark mode is coming soon. Product updates Enhancing Security with User-Specific Access Keys for DigitalOcean Functions

By Amulya Tomer

Updated: March 23, 2026 5 min read

--access-key ":"

Once connected, your personal credentials are stored securely in your local configuration. All subsequent commands—such as deploy , invoke , and list —will automatically authenticate using your unique key.

3. Delete access keys

If a key is no longer needed (for example, a CI/CD token needs rotation), you can delete it. This will revoke its access without affecting your other keys or your teammates.

doctl serverless key delete

Note: This action is permanent and immediately prevents authentication with that specific credential.

Migration and transition timeline for user-specific access keys

We are currently in a dual support phase . This means:

Grace period: For a limited time, both legacy shared credentials and new user-specific keys will work side-by-side. You can find more information about the migration deadline here .

Action required: To ensure continued access, every user must eventually migrate to their own personal access keys and re-run the doctl serverless connect command if interacting via doctl. Also, if you have hard-coded old keys/tokens anywhere in your system, you will need to replace them with access keys created under your or any other user’s account in your team.

No code changes: This is a platform-level authentication update. You do not need to modify your actual function code.

We recommend admins/owners begin tracking this transition for all users across their teams immediately to prevent access issues once the legacy method is sunsetted .

A more secure future for DigitalOcean Functions

The move to user-specific access keys represents a significant step forward for the security and manageability of DigitalOcean Functions. By linking access to individual identities, we are enabling automated access revocation, better auditability, and a more secure environment for your serverless applications.

We encourage you to log in to the Cloud Panel today, generate your new keys, and update existing workflows.

About the author

Amulya Tomer Author

See author profile Engineering @ DO

See author profile

Share

Trust Security

Start building today From GPU-powered inference and Kubernetes to managed databases and storage, get everything you need to build, scale, and deploy intelligent applications. Sign up

Related Articles

Trust & Security OAuth App Based Workload Identity for Droplets

John Andersen October 22, 2025 8 min read

Read more

Trust & Security How DigitalOcean Uses Semgrep to Fortify Security: A Highlight From Our Toolset

Jordan Vaughn October 7, 2024 2 min read

Read more

Trust & Security Contextual Vulnerability Management With Security Risk As Debt

Ari Kalfus August 12, 2024 13 min read

Read more