Security - API keys

Overview

Used to create, update, delete and browse API keys-based security definitions used by REST channels or outgoing connections.

Client applications provide API keys in custom, user-defined, HTTP headers forming, essentially, a username/password pair where the header’s name is a username and the header’s value is a password.

It’s not possible for two or more API key definitions to share the same header name.

../../_images/apikey.png

Create and Edit

../../_images/apikey-create.png
Header Notes
Name Definition name
Header Name of a custom HTTP header that will contain the API key’s value

A newly created security definition has a secret set to a random UUID4 and needs to be changed in order for the definition to be usable.

Change API key

../../_images/apikey-change-secret.png

Updates a definition’s API key - the key is stored in the ODB along with other details of a security definition. This is not a required field and the key can be omitted altogether if it’s not needed at all.

Delete

../../_images/apikey-delete.png

Deletes a security definition and all the connections that make use of it.

Note

It needs to be emphasized that any plain HTTP channels or outgoing connections that were using the definition will also be deleted automatically.

Changelog

Version Notes
3.0 Added ability to use API keys in outgoing REST connections
2.0 Added initially