Authorization is better when it's separated from identity. The key you aren't actively using won't be compromised.