API Keys

API keys are used for programmatic access to an account

List API keys

get/apikeys

Lists API keys within an account

SecurityCloudOneApiKey
Request
query Parameters
cursor
string

An encoded value used to retrieve the next set of results for a query that returns more than limit results.

Example: cursor=3FDCA1955AE7EB167B25D7D90AC02B9
limit
integer

The maximum numbers of records to return. If zero, the request will use the default limit 25. If negative, the request will be rejected.

Example: limit=10
roleID
string^[a-z0-9-]+$

When present, the roleID query parameter will filter the list of API keys to those where the roleID exactly matches the provided value.

Example: roleID=full-access
header Parameters
Api-Version
required
string

The API version used in this request.

Value: "v1"
Responses
200

The response body contains the API keys.

400

Something about your request didn't quite make sense. The error message should help you figure out what went wrong.

401

Unauthorized

403

You tried to do something that you're not allowed to do. Check your privileges to see what you're actually allowed to do. This could also mean that your token has expired.

429

You have made too many requests too quickly. Check the Retry-After header for an indication of when you might be able to try again.

500

Something has gone terribly wrong. Sorry! The error message may help you figure out what went wrong, but it's unlikely that you'll be able to do anything about it unless you're the server administrator. It's possible that trying again will help, but it's more likely that you're out of luck for the moment.

503

The service is temporarily unavailable, likely due to maintenance. It should be available soon, check the Retry-After header for an indication of when you might be able to try again.

Response samples
application/json
{
  • "next": "dGhpcyB2YWx1ZSBpcyBvcGFxdWUsIGRlY29kaW5nIGl0IHdvbid0IGJlIHVzZWZ1bAo=",
  • "apikeys": [
    ]
}

Create an API key

post/apikeys
SecurityCloudOneApiKey
Request
header Parameters
Api-Version
required
string

The API version used in this request.

Value: "v1"
Request Body schema: application/json
alias
required
string

The API key's alias

allowedCIDRs
Array of strings

Caller requests must originate from one of the CIDR ranges in this list OR from one of the allowed IP addresses, if provided in the allowedIPs field.

allowedIPs
Array of strings

Caller requests must originate from one of the IP addresses in this list OR from one of the allowed CIDR ranges, if provided in the allowedCIDRs field.

description
string

The API key's description

enabled
boolean

Indicates if the ApiKey can be used to make requests. Defaults to 'true' if not set on creation.

locale
required
string

Locale of the API key, used for localization

roleID
required
string^[a-z0-9-]+$

The API key's role identifier

timezone
required
string

Timezone of the API key, used to display local dates and times

Responses
201

The API key has been created.

400

Something about your request didn't quite make sense. The error message should help you figure out what went wrong.

401

Unauthorized

403

You tried to do something that you're not allowed to do. Check your privileges to see what you're actually allowed to do. This could also mean that your token has expired.

429

You have made too many requests too quickly. Check the Retry-After header for an indication of when you might be able to try again.

500

Something has gone terribly wrong. Sorry! The error message may help you figure out what went wrong, but it's unlikely that you'll be able to do anything about it unless you're the server administrator. It's possible that trying again will help, but it's more likely that you're out of luck for the moment.

503

The service is temporarily unavailable, likely due to maintenance. It should be available soon, check the Retry-After header for an indication of when you might be able to try again.

Request samples
application/json
{
  • "alias": "ABCD key",
  • "description": "Description of ABCD key",
  • "roleID": "full-access",
  • "locale": "en",
  • "timezone": "America/Toronto",
  • "allowedIPs": [
    ],
  • "allowedCIDRs": [
    ],
  • "enabled": true
}
Response samples
application/json
[
  • {
    }
]

Describe an API key

get/apikeys/{id}
SecurityCloudOneApiKey
Request
path Parameters
id
required
string

API key ID

Example: 3FDCA1955AE7EB167B25D7D90AC02B9
header Parameters
Api-Version
required
string

The API version used in this request.

Value: "v1"
Responses
200

The response body contains the API key details.

400

Something about your request didn't quite make sense. The error message should help you figure out what went wrong.

401

Unauthorized

403

You tried to do something that you're not allowed to do. Check your privileges to see what you're actually allowed to do. This could also mean that your token has expired.

404

The resource you were looking for doesn't exist.

429

You have made too many requests too quickly. Check the Retry-After header for an indication of when you might be able to try again.

500

Something has gone terribly wrong. Sorry! The error message may help you figure out what went wrong, but it's unlikely that you'll be able to do anything about it unless you're the server administrator. It's possible that trying again will help, but it's more likely that you're out of luck for the moment.

503

The service is temporarily unavailable, likely due to maintenance. It should be available soon, check the Retry-After header for an indication of when you might be able to try again.

Response samples
application/json
[
  • {
    }
]

Modify an API key

post/apikeys/{id}
SecurityCloudOneApiKey
Request
path Parameters
id
required
string^[A-F0-9]{32}$

The API key ID.

Example: 3FDCA1955AE7EB167B25D7D90AC02B9F
header Parameters
Api-Version
required
string

The API version used in this request.

Value: "v1"
Request Body schema: application/json
alias
required
string

The API key's alias

allowedCIDRs
Array of strings

Caller requests must originate from one of the CIDR ranges in this list OR from one of the allowed IP addresses, if provided in the allowedIPs field.

allowedIPs
Array of strings

Caller requests must originate from one of the IP addresses in this list OR from one of the allowed CIDR ranges, if provided in the allowedCIDRs field.

description
string

The API key's description

enabled
boolean

Indicates if the ApiKey can be used to make requests. Defaults to 'true' if not set on creation.

locale
required
string

Locale of the API key, used for localization

roleID
required
string^[a-z0-9-]+$

The API key's role identifier

timezone
required
string

Timezone of the API key, used to display local dates and times

Responses
200

The response body contains the API key details.

400

Something about your request didn't quite make sense. The error message should help you figure out what went wrong.

401

Unauthorized

403

You tried to do something that you're not allowed to do. Check your privileges to see what you're actually allowed to do. This could also mean that your token has expired.

404

The resource you were looking for doesn't exist.

429

You have made too many requests too quickly. Check the Retry-After header for an indication of when you might be able to try again.

500

Something has gone terribly wrong. Sorry! The error message may help you figure out what went wrong, but it's unlikely that you'll be able to do anything about it unless you're the server administrator. It's possible that trying again will help, but it's more likely that you're out of luck for the moment.

503

The service is temporarily unavailable, likely due to maintenance. It should be available soon, check the Retry-After header for an indication of when you might be able to try again.

Request samples
application/json
{
  • "alias": "ABCD key",
  • "description": "Description of ABCD key",
  • "roleID": "full-access",
  • "locale": "en",
  • "timezone": "America/Toronto",
  • "allowedIPs": [
    ],
  • "allowedCIDRs": [
    ],
  • "enabled": true
}
Response samples
application/json
{
  • "id": "1q7OVkm2HNIkTWNsFxxUcjIlQnP",
  • "alias": "ABCD key",
  • "description": "Description of ABCD key",
  • "secret": "4wWPfkmv4vCHNm1iCYMKidbKfGi9mSfPkYWBEHG8AmQ3hYo2ut82Ypmrsj7sVUWWEv",
  • "roleID": "full-access",
  • "locale": "en",
  • "timezone": "America/Toronto",
  • "allowedIPs": [
    ],
  • "allowedCIDRs": [
    ],
  • "created": "2020-07-10T07:02:10Z",
  • "lastModified": "2020-07-10T07:02:10Z",
  • "lastActivity": "2020-08-10T07:02:10Z",
  • "enabled": true,
  • "urn": "urn:cloudone:identity:ca-1:012345678912:apikey/3FDCA1955AE7EB167B25D7D90AC02B9"
}

Delete an API key

delete/apikeys/{id}
SecurityCloudOneApiKey
Request
path Parameters
id
required
string^[A-F0-9]{32}$

The API key ID.

Example: 3FDCA1955AE7EB167B25D7D90AC02B9F
header Parameters
Api-Version
required
string

The API version used in this request.

Value: "v1"
Responses
204

The API key has been deleted.

400

Something about your request didn't quite make sense. The error message should help you figure out what went wrong.

401

Unauthorized

403

You tried to do something that you're not allowed to do. Check your privileges to see what you're actually allowed to do. This could also mean that your token has expired.

429

You have made too many requests too quickly. Check the Retry-After header for an indication of when you might be able to try again.

500

Something has gone terribly wrong. Sorry! The error message may help you figure out what went wrong, but it's unlikely that you'll be able to do anything about it unless you're the server administrator. It's possible that trying again will help, but it's more likely that you're out of luck for the moment.

503

The service is temporarily unavailable, likely due to maintenance. It should be available soon, check the Retry-After header for an indication of when you might be able to try again.

Response samples
application/json
{
  • "message": "Something went wrong."
}