API Keys

API keys provide a secure and flexible way to authenticate requests to the OLI API. They serve as an alternative to bearer tokens, allowing users to manage long-lived authentication credentials for various use cases. Here's an overview of API key functionality

This token can passed using the Authorization header to all endpoints

This token can passed using the Authorization header to all endpoints

Header Key
Header Value

Authorization

API-KEY <apiKey>

Features of API Keys

  1. Generation:

    • API keys can be generated by authenticated users via a POST request.

    • Keys can be customized with a name and an optional expiry date (in epoch milliseconds).

  2. Management:

    • A user can have up to 5 active API keys at a time.

    • The list of active and deleted API keys can be retrieved via the GET endpoint.

  3. Deletion:

    • API keys can be deleted when no longer needed using the DELETE endpoint.

    • Deleted keys are immediately invalidated.

Security Best Practices

  • Use expiration dates to limit the lifespan of API keys.

  • Regularly review and delete unused keys to minimize security risks.

  • Store API keys securely; they are only visible at the time of creation.

PreviousBearer TokenNextGenerate a Key

Last updated