API keys
API keys
API keys are the default method to authenticate with DCT. This is done by including the key in the HTTP Authorization request header with type apk. A cURL example using an example key of 1.0p9PMkZO4Hgy0ezwjhX0Fi4lEKrD4pflejgqjd0pfKtywlSWR9G0fIaWajuKcBT3
would appear as:
curl --header 'Authorization: apk 1.0p9PMkZO4Hgy0ezwjhX0Fi4lEKrD4pflejgqjd0pfKtywlSWR9G0fIaWajuKcBT3'
cURL (like web browsers and other HTTP clients) will not connect to DCT over HTTPS unless a valid TLS certificate has been configured for the Nginx server. If this configuration step has not been performed yet and the risk is comprehended, you may disable the check in the HTTP client. For instance, this can done with cURL using the --insecure flag. The cURL version must be 7.43 or higher.
Create and manage API Keys
The initial API key created should be used to create a new admin secure key. This is done by creating a new Account entity and setting the generate_api_key. The "username" attribute should be the desired name to uniquely identify the account.
curl --location --request POST 'https://<hostname>/v2/management/accounts' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: apk 1.0p9PMkZO4Hgy0ezwjhX0Fi4lEKrD4pflejgqjd0pfKtywlSWR9G0fIaWajuKcBT3' \
--data-raw '{
"username": "secure-key",
"generate_api_key": true
}'
If the cURL version being used is below 7.43, replace the --data-raw option with --data.
A response should be received similar to the lines below:
{
"id": 2,
"token": "2.vCfC0MnpySYZLshuxap2aZ7xqBKAnQvV7hFnobe7xuNlHS9AF2NQnV9XXw4UyET6"
"username":"secure-key"
}
Now that the new and secure API key is created, the old one must be deleted for security reasons since the key appeared in the logs. To do this make the following request:
curl --location --request DELETE 'https://<hostname>/v2/management/api-clients/<id>' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: apk 2.vCfC0MnpySYZLshuxap2aZ7xqBKAnQvV7hFnobe7xuNlHS9AF2NQnV9XXw4UyET6'
The id referenced above is the numeric id of the Account. It is the integer before the period in the token. For example, the id of 1.0p9PMkZO4Hgy0ezwjhX0Fi4lEKrD4pflejgqjd0pfKtywlSWR9G0fIaWajuKcBT3
is 1.
Finally, to list all of the current Accounts, make the following request:
curl --location --request GET 'https://<hostname>/v2/management/accounts/' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: apk <your API key>'