API keys in SAFEQ Cloud server are required to access various functions of the server using API calls. Please refer to a separate API documentation for a full description of the available API endpoints and the usage details.
By default there are several API keys predefined for each customer account which are used by various clients connecting to SAFEQ Cloud server, for example the PC client or a Chrome browser extension.
Access to the API key administration UI is controlled by “ModifyApiKey, ViewApiKey, DeleteApiKey” permission set in the user roles. API keys are inherited from top-level vendor nodes. If API key is defined on a vendor level it can be used to access API functions for all sub-accounts for that vendor.
Each API key has the following properties:
Key name– descriptive name of the API key.Key value– value of the API key which is provided in the API requests. It is recommended to use a hard to guess value (such as UUID) for this field.Active– flag indicating whether this API key is active.Full API access– if enabled allows to use this API key for administrative functions such as creating users, accounts, etc. If disabled only a limited subset of functions is available.Allow unauthenticated requests– if this option is enabled it is possible to send API requests without acquiring the user token first.Allow untrusted endpoints– if this option is enabled it is possible to perform login operation and acquire a user token without device registration workflow. Please refer to API documentation for more information.Automatic endpoint trust– If this option is enabled clients which request a device token through OAuth flow will be trusted automatically without the need to confirm device trust through the endpoints UI.Expiration date– optional field indicating the date when this API key expires. If not set the key does not expire.Allowed IPs– a list of whitelisted IP addresses from which API requests are allowed for this key. If not specified all IPs are allowed.
Post your comment on this topic.