API keys tab

IMPORTANT
For security reasons, the super administrator (admin account) cannot create or regenerate API keys, but can only revoke or delete them.
Only administrator accounts with the specific API keys permission are allowed to perform all operations (creation, regeneration, revocation and deletion).
Furthermore, each administrator can only view/edit their own API keys.

Possible operations

Filter Enter a character string to display only results containing this string.
Status selector

Select the status of the API keys that you wish to display in the grid.

The value of this field may be one of the following:

  • All,
  • Active,
  • Expired,
  • Revoked.
Create

This button allows you to create a new API key.

To create a new API key:

  1. Click on Create.
  2. Add comments if necessary.
  3. You can change the default Lifetime (in days) for this key.
  4. Select the Privileges assigned to the key:
    • Blacklist management - Read-only: read-only on routes that allow blacklist management,
    • Blacklist management - Read/Write: read/write only on routes that allow blacklist management,
    • Same as my privileges (permissions of the administrator who created the key).
  5. Click on Apply.
    The wizard shows you the ID and secret of the created key, in identifier:secret format.
    Copy them to keep them in a safe place: the secret can no longer be recovered once the key creation is complete.
  6. Click on Close.
    The key is added to the grid.
Regenerate This button is used to extend the lifetime of the selected API key with the lifetime and privileges that were initially assigned to this key.
Revoke This button disables the selected API key. This key then becomes unusable and appears grayed out in the grid.
Delete

This button deletes the selected API key.

If the key was active, it will first be revoked, and then deleted.
Search in logs Select one or several API keys, and click on this button to view all log entries that match these keys.
API documentation Click on this link to access the firewall's embedded REST API documentation.

Rule grid

ID Displays the unique ID generated when the API key was created.
Owner Displays the e-mail address of the administrator who owns the key.
As a reminder, administrators can only view the keys that they own: only the super administrator can view the keys of all administrators.
Creation date Shows the date on which the key was created.
Expiry date Shows the date on which the key will expire: it can be regenerated before this date to extend its lifetime.
Remaining lifetime Shows the number of days that remain until the key expires.
Status Shows the status of the key during its lifetime: active, expired or revoked.
Comments Shows optional comments added when the key was created.
Access privileges Shows the privileges assigned to the key: the list of privileges varies according to the choice of privileges that were assigned when the key was created.
Last used Shows the date and time that the key was last used to access the firewall's REST API.