Managing API keys

Edited

Once an administrator has invited you to a portal, you can generate API keys and manage them from the API keys tab of your account.

API keys are bound to a specific workspace; they only work on the workspace on which they were created.

API keys allow you to use the following APIs:

For more info, see Using APIs.

Generating an API key

Generate an API key to make authenticated API calls.

  1. Log in to the portal and, in the top right corner, click your user name.

  2. From the your account page, click the API keys tab if it's not already selected.

  3. Click on the + Generate a new API key button, and an API key card will appear on the tab.

  4. Enter a name for the API key in the "Label" field (which is given a default name based on when it was created). To help yourself manage your keys, make these descriptive and indicate the purpose of the API key.

  5. Select the permissions you want given to this API key.

    The list of permissions will only propose those you already have on your ODS workspace.

    Remember that an API key does not grant rights the key's creator doesn't already have. For example, if the only rights you have are editing rights over two specific datasets, the "Edit all datasets" permission will only apply to those two datasets.

    And remember: You should be as restrictive with permissions as you can be in order to limit your security risk. If you observe unauthorized usage of your API key, or if your API key gets exposed or is unused, it is recommended to revoke it and create a new one.

  6. You can now use the API key. Click the copy button to copy it.

Revoking an existing API key

To revoke compromised or unused API keys:

  1. Log in to the portal and, in the top right corner, click your user name

  2. From the Your account page, click the API keys tab

  3. Click on the Revoke key button of the desired API key card

  4. In the dialog box that appears, type "DELETE" and click the Revoke API key button