Overview

An API key details the exchange information, access token duration, container permissions and the physical key that is used for authentication.

Use the authorization token endpoint to issue an encrypted bearer token for the required API key, which can then be used to access container data via the document endpoints.

API key exchange allows you to easily schedule access - you don’t need to worry about issuing keys at the exact date and time.

API Key Fields

1

API Key

The physical key that is exchanged for an encrypted bearer token.

2

API Key Exchange Allowed

When checked, the API key can be exchanged for a token, otherwise exchange is denied.

3

API Key Exchange Allowed From/To (UTC)

The API key can only be exchanged within these dates, any attempt to exchange an API key outside of these dates will be refused.

4

Access Token Duration

This defines the token lifetime in minutes. Once the token has expired then the API key will need to be exchanged for a new token. For increased security we recommend the duration is kept as small as possible to prevent misuse.

5

Permissions

Permissions allows you to secure one or more container definitions against one or more CRUD or query operations for a specific API key. Any attempt to access a container definition without the necessary permissions will result in an unauthorized response.

Context Menu

You can use the context menu to edit or delete existing API keys or assign container permissions.

API keys cannot be deleted when associated with one or more container definitions.

Query Definitions