In Cycloid, authentication was handled with a user login and password. We needed to be able to authenticate machine interaction with our API, which raised the topic of API Keys.

API Keys allow you to create a key with specific permissions for a desired use case. The logic is the same as when you are creating a new user role. This is explained in the permissions section.

The API Key feature now allow to:

# Create API Key

First, we need to name the API Key and write an optional short description of its purpose.

API Key name and description fields

Then, we define the scope for individual actions. These actions can be of various types: creating a project, deleting a credential, reading roles, etc.

These policies can also be narrowed down to specific entities. So that, if you were to have multiple credentials, you could create a role containing policies only for a specific subset of credential. Thus allowing you to have a thinner control on who can do what.

To learn more about permissions, please checkout the permissions page

When the API key is created successfully, a modal containing API Key will be displayed.

WARNING

Be sure to make a copy of the access key below. It’s only displayed upon creation, and you won’t be able to retrieve it later.

API Key success modal

# Delete API Key

The API Key can be deleted in the API Key details view by clicking on the delete button

Delete API Key

or in the list view, where you can use the bulk delete option if you want to delete one or more API Keys.

Delete API Keys

WARNING

Deleting API Key will revoke it. Before deleting the API Key, make sure it's not used by script or other users, and that deletion won't break anything.

# API Key Details

Once you are on the details page, you can have a more insightful view about the API Key.

It's also possible to change the owner, name or a description of the API Key.

It consists of the two sections:

  1. Api Key name and description:

API Key name and description fields

  1. Permissions Overview:

Permissions

# API Keys List

List view displays all available API Keys that exists inside of the organization.

List of API Keys