Manage API Keys after their Creation
You can modify the properties of an API key at any time after it is created.
Reset a secret key
Use an APIKeysApi
object to generate a new secret key for an existing API key. For example, reset the secret key when periodically rotating API keys. Once replaced, the previous secret key will no longer be authenticated by Deep Security Manager.
When you reset the secret key, the returned API key contains the new secret key in the secret_key
(Python) or secretKey
(JavaScript) property. For Java, you can use the getSecretKey
method of the returned ApiKey
object.
The APIKeysApi class provides the replace_api_secret_key
function (replaceApiSecretKey
in JavaScript and Java) that takes the ID of the API key as a parameter. The following example creates a new secret key for an existing API key.
# Reset the key api_keys_api = api.APIKeysApi(api.ApiClient(configuration)) return api_keys_api.replace_api_secret_key(key_id, api_version)
return new Promise((resolve, reject) => { const apiKeysApi = new api.APIKeysApi(); apiKeysApi .replaceApiSecretKey(keyID, apiVersion) .then(key => { resolve(key.secretKey); }) .catch(error => { reject(error); }); });
ApiKeysApi apiKeysApi = new ApiKeysApi(); return apiKeysApi.replaceApiSecretKey(key.getID(), apiVersion);
Also see the Generate an API Secret Key in the API Reference.
Control API key access after creation
After you create an API key you still have control over the API key's access to Deep Security Manager:
- Modify access rights: Modify the role that is associated with the API key or associate the API key with a different role. (See also Control Access Using Roles.)
- Revoke access: Either lock out the key to temporarily revoke access, or delete the API key to permanently revoke access.
To modify an API key, create an ApiKey
object and set values for the properties that you want to change. Then, use the APIKeysApi
class to modify the API key on Deep Security Manager.
The following example code changes the role that is associated with an API key.
# Create a key and set the role ID key = api.ApiKey() key.role_id = role_id # Modify the key on Deep Security Manager api_keys_api = api.APIKeysApi(api.ApiClient(configuration)) api_keys_api.modify_api_key(key_id, key, api_version) return key.role_id
// Create a key and set the role ID const key = new api.ApiKey(); key.roleID = roleID; // Modify the key on Deep Security Manager const apiKeysApi = new api.APIKeysApi(); apiKeysApi .modifyApiKey(keyID, key, apiVersion) .then(key => { resolve(key.roleID); }) .catch(error => { reject(error); });
// Create Key object that uses the role ApiKey keyWithRole = new ApiKey(); keyWithRole.setRoleID(roleID); // Update the key on Deep Security Manager ApiKeysApi apiKeysApi = new ApiKeysApi(); return apiKeysApi.modifyApiKey(key.getID(), keyWithRole, apiVersion);
Also see the Modify an API Key, Delete and API Key, and Modify an Administrator Role operations in the API Reference.