We're currently investigating the possibility of restricting API key creation. Is there a way to control or block the creation of API keys, potentially on a user-specific level? If so, what are the permissions or configurations involved?

Rally SAAS

Security Policy

Rally doesn't currently have a feature to restrict API key creation for specific users, but Sub-admins can disable API key creation for everyone, including themselves. This means users will see an "Access denied -403" message when attempting to create an API key. The API Keys tab will still be visible at Access level, but users won't be able to create keys.