Access keys contain access and permission information for external services used by Floopstreet. For example, if you create an access key to a Twitter account, Floopstreet can forward your status changes to that Twitter feed.
Note that access keys don't store the actual login information for a service: instead, they store access permissions that are obtained once, when the key is created, via negotiations with the service; see the answer to the creation question.
Access keys use a standard called OAuth that lets a service provider (the connected service) share access permissions with a consumer (Floopstreet) without requesting a login every time the service is accessed. The process for creating an access key includes logging into the service provider and approving the request from Floopstreet for access permission. You will be guided through the sequence of steps by Floopstreet, includings jumps out to the service provider to obtain the access permissions. Since the service provider steps are not managed by Floopstreet, they will look different from the standard Floopstreet API.
Yes. For example, you can create two keys to YouTube, attached to two different accounts. Or, create multiple keys to Twitter, each attached to a different account, and then associate them with different personas; when you edit your status, the new value may be posted to the Twitter account associated with the current persona.
Under most conditions, no: the access permissions granted when the key is created will remain valid, and there will be no need to ask for them again. However, if you revoke the access rights at the service provider, the permissions stored at the corresponding access key are no longer valid. In this case, you will have to refresh them using the
authorize operation, which will walk you through a process similar to the one you used to create the access key.