Name
Human-readable source name, such as Shop Backend, Website, ERP Connector, or Payment Worker.
Available nowLast updated: June 2026
Event Sources
Event Sources are known producers of operational events. They identify where activity comes from, which project it belongs to, and which credentials are allowed to send events.
Why sources matter
A source creates a trust boundary. Instead of accepting anonymous events from disconnected systems, Lariba Cloud links each event to a known producer, project, environment, and source-scoped key.
Type
Source category used to describe the producer, such as backend, website, mobile, service, worker, or integration.
Environment
Environment label such as production, staging, or development. This helps separate operational activity by context.
Description
Optional metadata that explains what the source represents and why it exists.
Status
Sources can be enabled or disabled. Disabled sources should not be allowed to continue ingesting events.
Last event
Timestamp of the most recent event received from the source. This helps identify stale or inactive producers.
Source lifecycle
A source moves from creation to active ingestion, monitoring, and eventually rotation, disablement, or retirement.
1
Create source
A user creates a source inside a project and defines its name, type, environment, and description.
2
Generate source key
Lariba Cloud generates a source-linked API key for external ingestion. The key should be copied and stored securely.
3
Send events
The external producer sends events to the ingestion API using the source API key.
4
Monitor activity
The dashboard tracks status, last event timestamp, source limits, and source-level visibility.
5
Disable or rotate
If a source is compromised, retired, or misconfigured, it can be disabled and linked keys may be revoked or invalidated.
Source-linked API keys
When a source is created, Lariba Cloud can generate a dedicated source API key. External systems use that key to authenticate with the ingestion API. Keys should be stored securely, rotated when needed, and never committed to source control.
Disable behavior
Disabling a source blocks future ingestion from that source. Depending on backend policy, linked source keys may also be revoked or invalidated to reduce the blast radius of compromised or retired producers.
Security note: treat source API keys as secrets. Do not expose them in public clients unless a browser-safe key mode is explicitly configured with origin and event-type restrictions.
Event Sources are part of the Lariba Cloud Foundation layer and are available in the current developer preview.