When people within your organisation want to use a third-party API to create something new and exciting, sometimes they can't because these APIs only have one API key.

This means they would have both read AND write permissions which could cause issues with your organisation's other integrations (this is bad). Not only this but it would also mean giving out the only API you have.

Piggy API! Thanks to this "piggy in the middle", you can store your organisation's API keys all in one place and generate custom ones for the apps within it. Each app gets its own unique API key containing both which third-party APIs it has access to, and what the app's permissions are.

Instead of calling the external APIs directly, the apps go through Piggy which then checks the apps token, verify it has the correct permissions for thr request it's making, and either lets the request take place or block it.