Max number of api keys allowed to be created within a certain timeframe


I’ve created a python application that uses the tailscale api to create keys, list devices, etc. If provided an OAuth Access Token, it can use it to create a temporary api key for use; however, I’m wondering how long this key should last.

For example, I can drastically reduce the number of keys created if I set the api key expiry to a day, but then I’d have to store the key securely somewhere so that I can use it later. Or, I could create a new api key every time I use the appilcation, but that would significantly increase the number of calls to the tailscale api depending on how many times a day a user uses the program.

What would be the best course of action?

Thank you kindly for the help!