API key roles

API keys are used to control access to resources through the API. Typically, it makes sense to restrict specific API key permissions to just those required by specific scripts and/or users. This is possible by linking permission roles to API keys.

For example, it is possible to have an API key that can only perform read-only operations for general use whilst a separate API key might have full write permissions.

The roles for API keys work the same as roles for users.

Managing roles

To add a new API role, navigate to System settings ‣ Security ‣ Roles. Click Create, enter a name for the role and select API in the Role type drop down. Next, select the permissions you would like to include and click Save. For example, if you would like to restrict a role to only be able to create new projects, check the box next to Create projects and leave the rest as is.

../_images/settings_roles_api_role_dialog.jpg

Specifying a role for API keys

Navigate to System settings ‣ Security ‣ API keys and either create or edit an existing key. In the dialog that appears, select at least one role in the Roles drop down to set or edit which role(s), and corresponding permissions, are applied for the key.

../_images/settings_api_keys_create.jpg

Note

API keys must have at least one role set.