When invoking requests to the BigPanda Public API, in order to be authorized, an HTTP Authorization header must be included with a specific API Key.
Currently, only v2.0 APIs support API Keys. Some APIs may instead leverage the Org Token Authorization token. See each API endpoint to determine which Authentication type is required.
Roles with the following permissions can access API Keys in the BigPanda Settings:
|Read-only - view existing API Keys.|
|Full access - view existing API keys and name, assign and describe new API keys.|
To learn more about how BigPanda's permissions work, see the Roles Management guide.
API keys are managed directly through the BigPanda console and can be generated, deactivated, and deleted by administrators.
To access the API Keys screen:
- In the upper right-hand corner of the BigPanda UI, click the Settings cog icon and select API Keys from the dropdown.
- Existing API Keys will be listed in the left pane, along with a Search bar. In this section, you can Create a New API Key as well as Edit or Delete existing keys.
- Click any API Key in the list to see the details of the key, displayed in the pane to the right. In this section, you can edit, activate, or deactivate the key.
An API Key is activated only when it is assigned explicitly to an active user. Upon activation, the role of the user making the API request is authenticated and authorized. A single user can be assigned more than one API Key.
In the API Keys menu, select the New Key button.
Enter a Key Name.
Select the Associated User to assign the key to. The dropdown will contain all active users in the system to choose from.
Optionally, enter a short description to identify this key by.
Select Create Key.
The generated key will be presented to you at this time. Be sure to copy and save it now as this will be the only time it will be available to you.
See the Authentication and Headers page in our API Reference to learn more.
Copy and Save API Keys
Once the Create Key button is selected after filling out the fields in the menu, the generated key will only be exposed and shared in its full form once in the following pop-up. It is important to copy and safely store this key. BigPanda does not store a copy of the key for future reference.
The frequency of key usage can be monitored easily - a call to the Public API will update the
Last Usedtimestamp in the details section of the respective API Key used during the call.
To delete and deactivate an existing key:
- Select or search for the desired key in the API Keys list.
- Select the Delete (trash can) icon.
DELETEin the field to confirm and authorize the deletion. The field is case sensitive.
Once a key is deleted, the action is permanent and not reversible.
Keys associated with users that have been deleted will automatically become inactive and no longer work.
To deactivate an existing key without deleting it:
- Navigate to the desired key and select it.
- In the details pane to the right, click the Active toggle.
- (Optional) Click the Active toggle at any time to reactivate the key
If an active key is deleted, it cannot be regenerated. If the key that was deleted is associated with an external system, create a new key and update the key field on all external systems that make calls to BigPanda’s Public API.
Find your way around the BigPanda Settings screen
Read through the Introduction to BigPanda APIs
Learn about User Management in BigPanda
Updated 28 days ago