diff --git a/astro/public/img/docs/apis/api-key-endpoint-permissions.png b/astro/public/img/docs/apis/api-key-endpoint-permissions.png index 58259553ba..e037b5fe83 100644 Binary files a/astro/public/img/docs/apis/api-key-endpoint-permissions.png and b/astro/public/img/docs/apis/api-key-endpoint-permissions.png differ diff --git a/astro/public/img/docs/apis/create-tenant-api-key.png b/astro/public/img/docs/apis/create-tenant-api-key.png index 3f561c540e..a8e4abd64a 100644 Binary files a/astro/public/img/docs/apis/create-tenant-api-key.png and b/astro/public/img/docs/apis/create-tenant-api-key.png differ diff --git a/astro/public/img/docs/create-api-key.png b/astro/public/img/docs/create-api-key.png index b406c02e99..ea7b9bf696 100644 Binary files a/astro/public/img/docs/create-api-key.png and b/astro/public/img/docs/create-api-key.png differ diff --git a/astro/src/content/docs/apis/_apikey-get-response-body.mdx b/astro/src/content/docs/apis/_apikey-get-response-body.mdx index 6cb38090de..03379446e1 100644 --- a/astro/src/content/docs/apis/_apikey-get-response-body.mdx +++ b/astro/src/content/docs/apis/_apikey-get-response-body.mdx @@ -5,13 +5,16 @@ import JSON from 'src/components/JSON.astro'; #### Response Body + + The expiration [instant](/docs/reference/data-types#instants) of this API key. Using an expired API key for [API Authentication](/docs/apis/authentication) will result in a 401 response code. + The Id of the API key. The [instant](/docs/reference/data-types#instants) when the API key was added to the FusionAuth database. - + The Id of the [IP Access Control List](/docs/apis/ip-acl) limiting access to this API key. diff --git a/astro/src/content/docs/apis/_apikey-post-put-request-body.mdx b/astro/src/content/docs/apis/_apikey-post-put-request-body.mdx index 5c573d9db5..41e0c9e5e0 100644 --- a/astro/src/content/docs/apis/_apikey-post-put-request-body.mdx +++ b/astro/src/content/docs/apis/_apikey-post-put-request-body.mdx @@ -7,6 +7,11 @@ import EnterprisePlanBlurbApi from 'src/content/docs/_shared/_enterprise-plan-bl #### Request Body + + The expiration [instant](/docs/reference/data-types#instants) of this API key. Using an expired API key for [API Authentication](/docs/apis/authentication) will result in a 401 response code. + + { props.apikey_update_request && <>Note that omitting this field or providing a null value will clear the expiration instant of this API key. } + API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it `super-secret-key` if you'd like. However a long and random value makes a good API key in that it is unique and difficult to guess. diff --git a/astro/src/content/docs/apis/_apikey-post-put-response-body.mdx b/astro/src/content/docs/apis/_apikey-post-put-response-body.mdx index 3fcd9e65ef..640586903f 100644 --- a/astro/src/content/docs/apis/_apikey-post-put-response-body.mdx +++ b/astro/src/content/docs/apis/_apikey-post-put-response-body.mdx @@ -5,6 +5,9 @@ import JSON from 'src/components/JSON.astro'; #### Response Body + + The expiration [instant](/docs/reference/data-types#instants) of this API key. Using an expired API key for [API Authentication](/docs/apis/authentication) will result in a 401 response code. + The Id of the API key. @@ -14,7 +17,7 @@ import JSON from 'src/components/JSON.astro'; The [instant](/docs/reference/data-types#instants) when the API key was added to the FusionAuth database. - + The Id of the [IP Access Control List](/docs/apis/ip-acl) limiting access to this API key. diff --git a/astro/src/content/docs/apis/authentication.mdx b/astro/src/content/docs/apis/authentication.mdx index 3600a5cad9..83f40f586e 100644 --- a/astro/src/content/docs/apis/authentication.mdx +++ b/astro/src/content/docs/apis/authentication.mdx @@ -12,6 +12,7 @@ import APIKeyCrossTenantNote from 'src/content/docs/apis/_api-key-cross-tenant-n import Aside from 'src/components/Aside.astro'; import ClientSideApiKeys from 'src/content/docs/_shared/_client-side-api-keys.mdx'; import NewApiKey401 from 'src/content/docs/apis/_new-api-key-401.mdx'; +import EnterprisePlanBlurb from 'src/content/docs/_shared/_enterprise-plan-blurb.astro'; import ScrollRef from 'src/components/ScrollRef.astro'; import TenantAuthentication from 'src/content/docs/apis/_tenant-authentication.mdx'; import Breadcrumb from 'src/components/Breadcrumb.astro'; @@ -161,7 +162,7 @@ Some APIs may be authenticated by the source IP address of the request. For exam ## Managing API Keys -Navigate to Settings -> API Keys to manage API keys. +Navigate to Settings -> API Keys to manage API keys. Create as many API keys as you like, each one may be optionally limited in ability to minimize security risk. @@ -208,6 +209,16 @@ Prior to version `1.26.0`, the FusionAuth administrative user interface was the Any attempt to call the API Keys API with a non-manager key (`keyManager` set to `false`) will return a HTTP response status code `401`. + + The optional [IP Access Control List](/docs/apis/ip-acl) for restricting the usage of this API key by network address. + + + + + The optional date and time at which this API key will expire and no longer be usable for API authentication. + + Any attempt to call an API with an expired key will result in a `401` response code. + diff --git a/astro/src/content/json/api-keys/get-response.json b/astro/src/content/json/api-keys/get-response.json index 5cec8b2b60..b53c76b5fe 100644 --- a/astro/src/content/json/api-keys/get-response.json +++ b/astro/src/content/json/api-keys/get-response.json @@ -1,5 +1,6 @@ { "apiKey": { + "expirationInstant": 872812800000, "id": "b016fa93-e8bc-4b79-b39f-5d37966c0178", "insertInstant": 1619119404194, "ipAccessControlListId": "eae37b0e-950b-4e92-abcc-d0b310326f66", @@ -38,4 +39,4 @@ }, "tenantId": "94f751c5-4883-4684-a817-6b106778edec" } -} \ No newline at end of file +} diff --git a/astro/src/content/json/api-keys/post-request-body.json b/astro/src/content/json/api-keys/post-request-body.json index 99c564e519..835392014b 100644 --- a/astro/src/content/json/api-keys/post-request-body.json +++ b/astro/src/content/json/api-keys/post-request-body.json @@ -1,5 +1,6 @@ { "apiKey": { + "expirationInstant": 872812800000, "key": "super-secret-key", "ipAccessControlListId": "eae37b0e-950b-4e92-abcc-d0b310326f66", "metaData": { @@ -20,4 +21,4 @@ }, "tenantId": "94f751c5-4883-4684-a817-6b106778edec" } -} \ No newline at end of file +} diff --git a/astro/src/content/json/api-keys/post-response-body.json b/astro/src/content/json/api-keys/post-response-body.json index 583db33a0e..84e291a7ae 100644 --- a/astro/src/content/json/api-keys/post-response-body.json +++ b/astro/src/content/json/api-keys/post-response-body.json @@ -1,5 +1,6 @@ { "apiKey": { + "expirationInstant": 872812800000, "id": "de36ce0f-70db-4d73-b0b2-9f82c1572761", "insertInstant": 1619726194060, "ipAccessControlListId": "eae37b0e-950b-4e92-abcc-d0b310326f66", @@ -24,4 +25,4 @@ }, "tenantId": "94f751c5-4883-4684-a817-6b106778edec" } -} \ No newline at end of file +} diff --git a/astro/src/content/json/api-keys/put-request-body.json b/astro/src/content/json/api-keys/put-request-body.json index 56653d020e..47369a4e33 100644 --- a/astro/src/content/json/api-keys/put-request-body.json +++ b/astro/src/content/json/api-keys/put-request-body.json @@ -1,5 +1,6 @@ { "apiKey": { + "expirationInstant": 1878422400000, "ipAccessControlListId": "eae37b0e-950b-4e92-abcc-d0b310326f66", "metaData": { "attributes": { @@ -18,4 +19,4 @@ } } } -} \ No newline at end of file +} diff --git a/astro/src/content/json/api-keys/put-response-body.json b/astro/src/content/json/api-keys/put-response-body.json index 87fc68e614..aa625e8055 100644 --- a/astro/src/content/json/api-keys/put-response-body.json +++ b/astro/src/content/json/api-keys/put-response-body.json @@ -1,5 +1,6 @@ { "apiKey": { + "expirationInstant": 1878422400000, "id": "b016fa93-e8bc-4b79-b39f-5d37966c0178", "insertInstant": 1619119404194, "ipAccessControlListId": "eae37b0e-950b-4e92-abcc-d0b310326f66", @@ -24,4 +25,4 @@ }, "tenantId": "94f751c5-4883-4684-a817-6b106778edec" } -} \ No newline at end of file +}