An API key can be used when testing, on clients that do not support SameSite cookies, or in situations where an interactive authentication workflow is not feasible.

API Keys are created in the same permission context as the user that created it.

Create an API Key

Securely store the API Key secret. You will not be able to view the secret again. If you forget it, you will need to delete the API Key and create a new one. Additionally, treat your API Key secret as a password. Store it in a safe place such as a password manager.

  1. Click on your profile icon at the top right
  2. Click Profile
  3. Click the API Key tab
  4. Click Create API Key
  5. Wait for the key to be generated. The API Key ID and Secret will be shown in a dialog.

Key Usage

The current version of the API Key is Version 1.0.

Version Key Version Prefix
1.0 VEC1

Key Version 1.0

To use the API Key, simply pass it along in the Authorization header with the following format:

<key_version> <key_id>:<key_secret>

For example:

VEC1 B41IHHZBJIAZMB5E10Q58C:+eHRa6h4byAMcHe1FQKLlnv/4h8=

Example Request

POST /sra-purpletools-rest/graphql HTTP/1.1
Host: localhost:8081
Accept: application/json
Authorization: VEC1 B41IHHZBJIAZMB5E10Q58C:+eHRa6h4byAMcHe1FQKLlnv/4h8=