API keys management
For applications, where you don't identify and authenticate individual users, you can use an API key. These API keys are in fact an identity (without a person) with permanent access token. So you can later manage memberships of users and API keys using the same API.
Create API key
Using GraphQL API
mutation {
createApiKey(
projectSlug: "my-blog",
description: "Some user friendly description of the key"
memberships: [{role: "editor", variables: [{name: "language", values: ["cs"]}]}]
) {
ok
error {
code
}
result {
apiKey {
id
token
identity {
id
}
}
}
}
}
This mutations returns 3 identifiers, which might be relevant for you:
- API key ID: using this ID you can later call a
disableApiKey
and invalidate this API key - identity ID: which you use to modify API key memberships and permissions
- token: which is a bearer token, which you use to authenticate all GraphQL requests
Using CLI
There is also an interactive CLI command for creating an API key. Run
npm run contember tenant:create-api-key
and follow the instructions
Disable API key
You need an API key ID to disable it. Do not confuse this id with identity id!
mutation {
disableApiKey(id: "fb6658f3-a000-4448-ac9e-0688f1afa3d7") {
ok
}
}