An API key allows you to protect your endpoints. You can create API keys for different clients and manage the security of your endpoints to allow call them only passing an API Key belong to specific clients.
This feature is also useful to identify the client that has called the endpoint.
In order to create a new API Key, open the dedicated section in the Design area, select
Add New and enter the following information:
- API Key: the value of API Key. You can enter any string, it must not contain blank spaces. Before creating the API Key you can click on
Generate Random API Keyto get a random value.
- ClientType: the client associated with the API Key. You can enter any string, it must not contain blank spaces.
- Active: check the flag to activate the API Key, uncheck to deactivate.
- Description: optional description of the API Key.
In the Management section of the endpoint, for each endpoint, you can specify if protect it with an API key and for which ClientType to authorize calls by using the
Only with an API Key flag and the
User Group Permission field.
You can call an endpoint using an API Key passing the value of the key by
You can also use an API Key setting a
mia_client_key=<API Key value> cookie:
Check out the manage the security of your endpoints section to know in detail how to write the user group expression