Using API Keys in RAW
API Keys provide a way to associate consumer keys to endpoint scopes, so that clients can consume endpoints securely.
The access to the API Keys view is done via selecting the
API Keys tab of the left sidebar
Below you can observe the
API Keys view:
In this view, you can observe the API keys of your application, along with the following metadata:
- Name: The name of the API key. Useful for identifying them quickly.
- Key: The actual key, hidden from plain sight. You can reveal it (please be cautious) and copy it so that you can share it with your clients of interest.
- Expires At: Date until the API Key is considered valid. Recommended being short term. After that date, the key will be considered invalid.
- Status: Whether the key is active or not. In case of a potential leak, or for your own business reasons, you can deactivate the key, and perhaps activate it again any time required.
- Scopes: The endpoint scopes that the key is bound with. An API Key can be related to as many endpoint scopes as you may like, as these are defined in your endpoint yml files.
Add a new API Key
Assuming the endpoint
ISS/isslocation contains the scope ISS, as per the screenshot below, when we request a new API key,
we will relate this API key to this scope.
Below you can see the form to request a new API key. We set the key as active from start, we add the expiration time 1 month from now,
and we relate the
iss scope to the key.
After clicking 'Done', we will get a visual notification on the right side of our screen that key was generated successfully, and we can observe it in the table, as per the image below:
scopes column, you can observe the list of scopes that this API key is bound with. On the right, using the
you can observe the API key configuration, i.e. the expiration date, the scopes that are bound with it, and you can perform
two actions; Activate/deactivate the key, or delete the key, as per the below example.
Consume an endpoint with your API Key
If we hover over the
key column of the table, and left click, we will copy the actual key in our clipboard. After that,
we can invoke the endpoint using the key via this custom header:
As per example, we will demonstrate a curl request with this API key:
curl -H 'X-RAW-API-KEY:OUR_COPIED_API_KEY_HERE' 'https://dev-nuhynxsvnkentel.raw-labs.com/docs-raw-labs/1/public/ISS/isslocation' | jq .
"Shandan County, 734100 Gansu, China"