search

API Keys

API keys provide a secure and flexible way to authenticate requests to the OLI API. They serve as an alternative to bearer tokens, allowing users to manage long-lived authentication credentials for various use cases. Here's an overview of API key functionality

This token can passed using the Authorization header to all endpoints

circle-info

This token can passed using the Authorization header to all endpoints

Header Key
Header Value

Authorization

API-KEY <apiKey>

hashtag
Features of API Keys

  1. Generation:

    • API keys can be generated by authenticated users via a POST request.

    • Keys can be customized with a name and an optional expiry date (in epoch milliseconds).

  2. Management:

    • A user can have up to 5 active API keys at a time.

    • The list of active and deleted API keys can be retrieved via the GET endpoint.

  3. Deletion:

    • API keys can be deleted when no longer needed using the DELETE endpoint.

    • Deleted keys are immediately invalidated.

hashtag
Security Best Practices

  • Use expiration dates to limit the lifespan of API keys.

  • Regularly review and delete unused keys to minimize security risks.

  • Store API keys securely; they are only visible at the time of creation.

PreviousBearer TokenNextGenerate a Key

Last updated

Was this helpful?