API keys functionality allows you to generate a unique token that can be used for authentication when making an API call. It is required to communicate with Alumio API.
API Key can be created by navigating to Access Control → API keys.
Setting up API keys
To create a new API key, follow the steps below:
Step 1: Once in the API keys view, hit “+” to create a new one.
Step 2: Give your token a name.
Step 3: Hit “Create”.
Step 4: Click “Copy” next to the access token value to get it copied.
This token can be used as a Bearer token in the Authorization header. Make sure to save the API key, because it will not be shown again.
You are correct that each API key is bound to the user who created it. All the API calls that come from the token will be logged as the user’s activities in the Audit Trail page.
What happens when the user who created them is deleted? Do the API keys get invalidated at that point?
We’re working on a few automations which we’d be using the API keys for, and it’d not be great if those become non-functional if I every leave the company ;).
Thank you for the question. An API key will be automatically revoked once the user who created it is removed from the dashboard. It’s because the token is tied to the creator. Therefore, the only way to avoid the automations from being interrupted is for another user to create a new API key and use it before removing the user.
Alternatively, you can use a user who will never be removed from the dashboard to create the API key.
