Configuring Service API Keys
- Gary Leicht
The service API key is a unique identifier that is used to facilitate API authentication in an API request initiated by a service user. Service users are not allowed to sign in to Infoblox Portal. They are service accounts that are used by applications to access Infoblox Portal through the API. Each service API key is associated with a service account user. A service account user can be associated up to 10 service API keys.
You can create service API keys for specific purposes. For example, you can use a service API key to authenticate an API call to automate a process to generate reports on Infoblox Portal and send the report to yourself via email. The service API key is the token key that you use in your command when executing the API call. You can also create service users and service API keys for user management purposes. For example, you can create a service user called "SCIM delete user" and associate it with a service API key, so you can use the key to execute an API call to delete invalid users safely and to automate the cleanup process of invalid users. In this case, invalid users can be those who have left your company or those who are not allowed to log in to your system for specific reasons.
The Service API Key page lists the following for all the API keys you have configured:
ID: The ID of the API key. This is the first 32 characters of the full service API key, which does not contain the secret of the key.
NAME: The name of the API key.
STATE: Indicates whether the API key is currently Enabled, Disabled, or Expired. An enabled API key is available for use while an expired key is no longer valid. You can enable and disable a valid user API key, but you cannot enable or disable an expired one. Fourteen (14) days prior to expiration of your service API key, Infoblox Platform will notify you in-app and via email on a daily basis. You can create a new API key to replace the expiring one, and then delete the old one when it expires.
EXPIRES AT: The timestamp when the API key will expire or has expired.
LAST USED AT: The timestamp when the API key was last used in an API operation. For troubleshooting purposes, this gives you an idea when the API key was last used in case of suspicious activities.
CREATED AT: The timestamp when the API key was first created.
UPDATED AT: The timestamp when the API key was last updated.
TYPE: The type of API keys. This can be one of the following:
Legacy: Legacy keys are user API keys that were automatically generated for signed-in user in previous releases. Infoblox will deprecate legacy keys in the near future. For information, see Configuring User API Keys.
Interactive: Interactive keys are user API keys that signed-in users created for themselves. All signed-in users are allowed to create user API keys for themselves. For information, see Configuring User API Keys.
Service: Service API keys are API keys created for service account users. These keys are used to facilitate API authentication between devices. No signed-in users are involved in the API requests.
CREATED BY: The user who created this API key.
UPDATED BY: The user who last updated this API key.
You can do the following in this tab:
Click the option menu next to the checkbox to select or deselect the columns to be displayed. You can also restore the settings to default.
Click the option menu next to the checkbox, and select Enable or select the check box for the respective key and click the Enable button to enable an API key.
Click the option menu next to the checkbox, and select Disable or select the check box for the respective key and click the Disable button to disable an API key.
Click the option menu next to the checkbox, and select Delete or select the respective key and click the Delete button to delete an API key.
Select a key to view the details on the right-hand panel. If you do not want to view the details, click the information button (letter i inside a square).
Enter the value that you want to search in the Search text box. Infoblox Portal displays the list of records matching the keyword in the text box.
Click the filter button to filter the API keys by Name, State, and Type.
The following table lists the permissions required to perform tasks associated with service API key management:
Tasks | User Roles/ User Groups | Required Permissions |
|---|---|---|
Create service users | Administrators Administrator Role | All Access |
Custom role | User Manage | |
Create service API keys | Administrators Administrator Role | All Access |
Custom role | Service API Keys Create |
You can also perform the following actions based on your permissions: