Manage your API Keys in your Service Account to securely interact with our APIs.
You can generate an API keys in your service account for each application that needs access to the Braincube API.
Click on the action icon "manage API Keys" to open the right drawer
and create an API Key :
Scopes allow you to narrow your token to some segment of the API. Here are some examples of scopes required for different usages (this table is not exhaustive):
| Usage | Scope Required |
|---|---|
| IOT Live App | SSO_Read, BRAINCUBE |
| braindata-compute node | BRAINCUBE |
BEWARE: you can access the API Key value ONLY once during the creation. Be sure to save the API Key value in a safe location (i.e. in a password manager).
Then, send this API Key in the HTTP Header x-api-key of your API request. This will authenticate your API call with the access rights of the service account.
You can revoke this API Key any time by clicking on the remove button, or you can set an expiration date during the creation.
NOTE:
- For security reasons, an API key on a service account does not inherit the rights of the service account owner, but only the rights of the service account. Therefore, it is recommended to grant the service account only on the necessary products.
- The creation of an API key on his personal account (from the "access token" page) has been removed due to a security reason: a service account allowing to manage more restricted rights.
- Existing personal API keys will continue to work. A good practice would be to replace these personal API keys with service account API keys and delete them.
BEST PRACTICES:
- A service account can have multiple API keys.
- Each API key must be dedicated to a use.
- It is recommended to standardize the naming of API keys, e.g.: NAMEACCOUNT_USAGE_DATE
- It is preferable to grant a service account to only one site/product. Currently, if necessary, a service account can be granted across multiple sites/products, but this should only be done if the usage requires it.
FOR AN ADMINISTRATOR PROFILE : you can manage the API Keys of Service Accounts from ADMINISTRATION to securely interact with our APIs.
You can create and manage API Keys linked to Service Accounts. As an Administrator Profile, you can also access service account through the Administration Application.
From here you can filter using the top right text field using the name of the service account or the name of the owner. Each line will represent one service account and give access to some actions with the buttons at the end of the line.
The third button will allow you to manage the API Keys of this Service Account.
You will be able to create a new API Key: