Creating and Using API Keys in SL1 PowerFlow

Download this manual as a PDF file 

On the API Keys page () of the PowerFlow user interface, you can create API keys to request PowerFlow API endpoints, specifying them by a header or a query string. These API keys are based on PowerFlow roles, which are described in Managing Users in SL1 PowerFlow.

You can use API keys instead of basic authentication when you use PowerFlow to integrate with technologies that do not support sending headers in API requests.

Using API Keys

The API key authentication strategy gives users access to the PowerFlow API using API keys, which are also called authentication tokens. This strategy provides access to the PowerFlow API in a controllable manner, with options to restrict which hosts may or may not use certain tokens.

You can create an API key on the API Keys page () of the PowerFlow user interface. After you create the API key, you can use it to create requests to the PowerFlow API endpoints based on the role you assigned to the key. The role defines which resources the key has access to in the PowerFlow API. 

For more information about the types of roles you can assign to an API key, see User Groups, Roles, and Permissions.

Image of the API Keys inventory page in PowerFlow

The API Keys page displays the following information about each API key:

  • Name. The name of the API key.
  • Key Prefix. The first five characters of the API key. The remaining characters are not shown for security purposes.
  • White listed IPs. A list of one or more IP addresses or subnets that have been validated for use.
  • Expiration. The amount of time, in seconds, before the key expires. If the key does not have an expiration time, an infinity symbol () displays in this column.
  • Role. The user role assigned to the API key. This role controls which resources are available to the API key in the PowerFlow API.
  • Last Used. The last day that the API key was used.
  • Created Time. The date and time that the API key was created.
  • Actions. Includes the Delete button, for removing an API key.

Creating an API Key

On the API Keys page () page, you can create an API key to use to make requests with PowerFlow API endpoints.

To create an API key:

  1. In the PowerFlow user interface, go to the API Keys page and click Create API Key. The Create API Key pane appears:

    Image of the Create API Key pane

  2. Complete the following fields:

  • Name. Type a name for the API key.
  • White listed IPs. Specify a list of one or more IP addresses that have been approved for use. Optional.
  • Key Expiration in seconds. Specify how much time, in seconds, should pass before the key expires. If you do not want the key to expire, set this value to 0 or leave this field blank. Optional.
  • Role.Select a user role for the API key. This role controls which resources are available to the API key in the PowerFlow API. The default role is Execute. For more information about the different roles, see User Groups, Roles, and Permissions.
  1. Click Save. The API Key Successfully Added modal appears.
  2. For security purposes, the full key will only be shown once, in the above modal, so click the Copy button or the Copy icon () to save the key to the clipboard. After you close this modal, you can only see the first five characters of the key on the API Keys page.
  3. Click Close. The new API key is listed on the API Keys page.
  4. Use the key when authenticating with the PowerFlow API, which is covered in the following topic.

Authenticating with an API Key

You can use an API key to authenticate in the following ways:

  • Using a header called PF-APIKEY that contains the raw value of the API key, which you copied from the "Create API Key" wizard. The following example is a GET request to the application endpoint using only an API key as an authentication method:

    curl https://<your_hostname>/api/v1/applications -H "PF-APIKEY: DiTvNtSJpuJgOwv2OTtMaoghZQYATH3Ono48-psJ-PKrsMaE4CYWMw"

  • Use a query parameter called PF-APIKEY that contains the raw value of the API key, which you copied from the "Create API Key" wizard. The following example is a GET request to the application endpoint using only an API key as an authentication method:

    curl https://<your_hostname>/api/v1/applications?PF-APIKEY=DiTvNtSJpuJgOwv2OTtMaoghZQYATH3Ono48-psJ-PKrsMaE4CYWMw

Removing an API Key

You can remove an API key by deleting it from the API Keys page. After you delete the API key, the key is removed from the PowerFlow system, and it will not have access to the PowerFlow API any longer.

To remove an API key:

  1. In the PowerFlow user interface, go to the API Keys page.
  2. Click the Delete button for the key you want to remove. A Delete API Key modal appears.
  3. Click the Delete button to permanently delete the key.