Skip to main content
Skip table of contents

API keys login

To configure the Valsight application to use the API keys login method, edit conf/config.yml and restart the server after making changes.

This login method is not a SSO method, but an alternative to standard username/password login. It is possible to login with API keys, even if the form login was disabled. API keys are stored as a hash in the database.


Configuration Key (apiKeyAuth →)DescriptionExample ValueDefault Value
enabled
Whether API keys authentication method is allowed or not.
true
false

How to generate and remove API keys

User page

Option 1 AVAILABLE SINCE 4.7.0

To generate an API key:

  1. Navigate to your profile via the navigation bar
  2. Click on the button 'Generate API Key' 
  3. The generated key is shown

The leading and trailing are not part of the key. This is the only time and place where you can see the generated key. If you leave or reload the page with the displayed key, you will not be able to view it in the application again.

How to remove an API key:

  1. Navigate to your profile via the navigation bar
  2. Click on the button 'Delete all API keys'
  3. All the API keys for your user are removed

It is not possible to remove only one specific key for a user.

Option 2

To generate an API key:

  1. In the Valsight settings navigate to the user profile
  2. Click on the button 'Generate API key'
  3. The generated key appears at the top

The leading and trailing are not part of the key. This is the only time and place where you can see the generated key. If you leave or reload the page with the displayed key, you will not be able to view it in the application again.

How to remove an API key:

  1. In the Valsight settings navigate to the user profile
  2. Click on the button 'Delete all API keys'
  3. All the API keys for that user are removed

It is not possible to remove only one specific key for a user.


Users can only access data via an API key if they have permission rights for the project/model/workspace.

How to login with API keys

Steps:

  1. Make sure this login method is turned on in the config.yml
  2. Use a valid API key
  3. Create a form POST request to the endpoint '<APPROOT>/v1/apiKey'. The form contains 2 parameter, 'username' and 'api_key'.
  4. If the combination username/key was valid the application will recognize the user from it and log him in. The response contains a cookie 'JSESSIONID' that the user can use to authenticate for subsequent requests. The cookie is present in the HTTP header 'Set-Cookie' in the response.

 You can see if the user logged in via API key or form in the 'Security audit log'. The login successful entry will have 'API key login' attached to it, if the user logged in via an API key.

Logging:

For logging purpose, add in the log level view ( Configuration UI), the following package: 

  • Logger: com.valsight.authentication.apikey.ApiKeyAuthenticationProvider
  • Level: DEBUG
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.