Manage the Cloud Administration REST API Keys

Document created by RSA Information Design and Development on Jul 20, 2018Last modified by RSA Information Design and Development on Feb 15, 2019
Version 11Show Document
  • View in full screen mode

Clients calling the Cloud Administration REST APIs must authenticate themselves by including a JSON Web Token (JWT) in each request. The JWT is signed using an Administration API key. You can generate up to 10 keys using the Cloud Administration Console. The API keys do not expire. You must manually delete API keys from the Cloud Administration Console when they become compromised or are not in use. You can regenerate a key if it is lost or compromised.

Note:  Only a Super Administrator for the Cloud Administration Console can generate or delete an API key. The Super Administrator provides the API key file to the endpoint administrator.

This topic includes:

For a complete list of Administration APIs, see Using the Cloud Administration REST APIs.

Administrative Roles for API Keys

Each API key is associated with an administrative role. The role ensures that the API has the appropriate administrative permissions in the Cloud Authentication Service. Currently, all APIs default to the Help Desk Administrator role.

Administration API Key Files

An Administration API key file contains the following sensitive data:

  • Access ID - A unique identifier for the API key.
  • Access Key - A private key that you generate and download.

The following example displays the contents of an Administration API key file.

{

"customerName":"mycompanyname",

"accessID":"139f6495-e447-4a26-a765-5c01b6b152d5",

"description":"Integration with NetWitness",

"accessKey":"-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAtyDNwTjD1DEQRs2BjXy0U9I+tTOIzVMeve6cELmOCQgdLYjI\ntpw12FFZY4gT1JX9Mp/uVYKuZGhhvSbB/KhUTzQ9GrondRNto4zz7zOw4Qhzs xFd

"adminRestApiUrl":"https://access.securid.com/AdminInterface/restapi"

}

Add an API Key File

The Super Administrator uses the Cloud Administration Console to generate the Administration API key.

Procedure 

  1. In the Cloud Administration Console, click Platform > API Key Management and select the Administration API Key tab.

  2. Click ADD. The new key is displayed.

  3. (Optional) Enter a description that identifies how the key will be used.

  4. Click Save and Download to download and save an API key file.

Note:  The API key is saved on your server only after you click Save and Download. If you click Regenerate, you cannot use the previous API key file.

After you finish 

Use a secure method to deliver the API key file to the endpoint administrator.

Delete an API Key File

If your API key is compromised, you need to delete the old key and generate a new one. After you delete an API key, any client program using this key will no longer work.

Note:  Publish is not required, as changes take effect immediately. Any client programs that use an API with a deleted key will not function.

Procedure

  1. In the Cloud Administration Console, click Platform > API Key Management and select the Administration API Key tab.

  2. Select next to the API key file that you want to delete.

  3. When prompted, click Delete.

Regenerate an API Key File

If an API key file is lost or compromised, you can regenerate an API key file.

Procedure

  1. In the Cloud Administration Console, click Platform > API Key Management and select the Administration API Key tab.

  2. Click Regenerate to generate and download an API key file. Provide the new API key file to your endpoint administrator.

Update API Key File Description

To update an API key description, perform these steps.

Procedure

  1. In the Cloud Administration Console, click Platform > API Key Management and select the Administration API Key tab.

  2. Click inside the Description box and enter the new text.

  3. Click the check mark to save your changes, or click X to cancel your changes.

  4. (Optional) Regenerate the API key to see the updated description in the API key file. Provide the new API key file to your endpoint administrator.

 

 

You are here
Table of Contents > Cloud Administration REST APIs > Manage the Cloud Administration REST API Keys

Attachments

    Outcomes