API keys - Fluid Topics - 4.3

Fluid Topics Configuration and Administration Guide

Category
Reference Guides
Audience
public
Version
Latest

Selecting API keys in the Integration section of the Administration menu displays the API keys administration interface, where ADMIN users can declare integrations that are authorized to call public Fluid Topics web services using an API key.

When using an API key, it is necessary to send the HTTP request to a public web service.

To generate an API key for an integration to use, it is first necessary to declare the integration in the API keys administration interface as follows:

  1. In the Name field, define a name for the integration. This field is mandatory, and the name must be unique. Only alphanumeric characters, dashes () and underscores (_) are allowed.

  2. Select Create & Add.

  3. The Edit API key drawer opens and displays a generated API key such as in the following example:

    API key example

In the Edit API key drawer, administrators can configure the following optional fields and sections:

  • Description - lets integrators know what task the integration will perform using the API key.

  • Roles - grants access to APIs that are only available to users with a certain role.

  • Groups - grants access to restricted content when using the Knowledge Hub web services.

  • IP restrictions - Bots, scripts, CIs and other automated workflows always use the same IP addresses. Administrators can list authorized IP address or IP address ranges (using the CIDR notation). Can be left empty to allow all IPs.

After adding the integration, it appears in a table in the API keys administration interface, alongside the following information:

  • Created on

  • Last activity

  • Groups

  • Roles

  • IP restrictions

  • A button to copy the API key

  • A button to edit the API key

  • A button to delete the API key

Bearer authentication

All calls made using an API key should use "Bearer" authentication for the Authorization header. For example, If the API key is abc123, the caller should supply the following Authorization header for each API call:

Authorization: Bearer abc123

Use case

An integration uses a curl script to push ZIP archives to the Knowledge Hub. The Upload content web service requires the HTTP request to be made by an entity with at least one of the roles granting permission to publish content (ADMIN, KHUB_ADMIN, or CONTENT_PUBLISHER).

An ADMIN user declares the integration in the API Keys administration interface as follows:

  • Name: publish

  • Description: Publishes content to the Knowledge Hub.

  • Role: CONTENT_PUBLISHER (Can publish, modify, and delete content)