Skip to main content

API keys management

For applications, where you don't identify and authenticate individual users, you can use an API key. These API keys are in fact an identity (without a person) with permanent access token. So you can later manage memberships of users and API keys using the same API.

Create API key#

Using GraphQL API#

mutation {
createApiKey(
projectSlug: "my-blog",
description: "Some user friendly description of the key"
memberships: [{role: "editor", variables: [{name: "language", values: ["cs"]}]}]
) {
ok
error {
code
}
result {
apiKey {
id
token
identity {
id
}
}
}
}
}

This mutations returns 3 identifiers, which might be relevant for you:

  • API key ID: using this ID you can later call a disableApiKey and invalidate this API key
  • identity ID: which you use to modify API key memberships and permissions
  • token: which is a bearer token, which you use to authenticate all GraphQL requests

Using CLI#

There is also an interactive CLI command for creating an API key. Run

npm run contember tenant:create-api-key

and follow the instructions

Disable API key#

You need an API key ID to disable it. Do not confuse this id with identity id!

mutation {
disableApiKey(id: "fb6658f3-a000-4448-ac9e-0688f1afa3d7") {
ok
}
}