Allowing users to create api keys

Hey there @truescope !

Apologize for the delayed response here, but wanted to get back to you on this one.

This is exactly the recommended approach: