Manage API keys after their creation

You can modify the properties of an API key at any time after it is created.

Reset a secret key

Use an APIKeysApi object to generate a new secret key for an existing API key. For example, reset the secret key when periodically rotating API keys. Once replaced, the previous secret key will no longer be authenticated by Workload Security.

When you reset the secret key, the returned API key contains the new secret key in the secret_key (Python) or secretKey (JavaScript) property. For Java, you can use the getSecretKey method of the returned ApiKey object.

The APIKeysApi class provides the replace_api_secret_key function (replaceApiSecretKey in JavaScript and Java) that takes the ID of the API key as a parameter. The following example creates a new secret key for an existing API key.

View source

# Reset the key
api_keys_api = api.APIKeysApi(api.ApiClient(configuration))
return api_keys_api.replace_api_secret_key(key_id, api_version)

Also see the Generate an API Secret Key in the API Reference.

Control API key access after creation

After you create an API key you still have control over the API key's access to Workload Security:

  • Modify access rights: Modify the role that is associated with the API key or associate the API key with a different role. (See also Control Access Using Roles.)
  • Revoke access: Either lock out the key to temporarily revoke access, or delete the API key to permanently revoke access.

To modify an API key, create an ApiKey object and set values for the properties that you want to change. Then, use the APIKeysApi class to modify the API key on Workload Security.

The following example code changes the role that is associated with an API key.

View source

# Create a key and set the role ID
key = api.ApiKey()
key.role_id = role_id

# Modify the key on Workload Security
api_keys_api = api.APIKeysApi(api.ApiClient(configuration))
api_keys_api.modify_api_key(key_id, key, api_version)
return key.role_id

Also see the Modify an API Key, Delete and API Key, and Modify an Administrator Role operations in the API Reference.

To use Workload Security to modify the API key, go to  Administration > User Management > API Keys, select the API key and click Properties.