API keys

API keys can be used by developers to gain programmatic access to the Qlik platform, acting as their own user.

Endpoints

Skip to section
GET/v1/api-keys
POST/v1/api-keys
GET/v1/api-keys/{id}
PATCH/v1/api-keys/{id}
DELETE/v1/api-keys/{id}
GET/v1/api-keys/configs/{tenantId}
PATCH/v1/api-keys/configs/{tenantId}

Lists API keys for a given tenant ID.

authenticate

Facts GET /v1/api-keys

Rate limit
Tier 1 (1000 requests per minute)

Query Parameters GET /v1/api-keys

createdByUser
optional
string<uid>

The user ID that created the API key.

endingBefore
optional
string<uid v4>

Get resources with IDs that are lower than the target resource ID. Cannot be used in conjunction with startingAfter.

limit
optional, default=20, minimum=1, maximum=100
number

Maximum number of API keys to retrieve.

sort
optional, default='-created'
string

The field to sort by, with +/- prefix indicating sort order

Enum:

createdByUser

+createdByUser

-createdByUser

sub

+sub

-sub

status

+status

-status

description

+description

-description

created

+created

-created

startingAfter
optional
string<uid v4>

Get resources with IDs that are higher than the target resource ID. Cannot be used in conjunction with endingBefore.

status
optional
string<uid>

The status of the API key.

Enum:

active

expired

revoked

sub
optional
string<uid>

The ID of the subject.

Responses GET /v1/api-keys

200
optional, application/json

An array of API keys.

400
optional, application/json

Invalid request was made.

403
optional, application/json

Requestor not allowed to list API keys.

429
optional, application/json

Request has been rate limited.

GET/v1/api-keys

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/api-keys

{
  "data": [
    {
      "id": "string",
      "sub": "string",
      "expiry": "2022-11-22T14:26:31.781Z",
      "status": "active",
      "created": "2022-11-22T14:26:31.781Z",
      "subType": "user",
      "tenantId": "string",
      "description": "string",
      "lastUpdated": "2022-11-22T14:26:31.781Z",
      "createdByUser": "string"
    }
  ]
}

Creates an API key resource.

authenticate

Facts POST /v1/api-keys

Rate limit
Tier 2 (100 requests per minute)

Request Body POST /v1/api-keys

application/json

No description

Responses POST /v1/api-keys

201
optional, application/json

Created the API key successfully.

400
optional, application/json

Invalid request was made.

403
optional, application/json

Requestor not allowed to create an API key

429
optional, application/json

Request has been rate limited.

default
optional, application/json

Unexpected error.

POST/v1/api-keys

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
 -X POST \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '{"sub":"string","expiry":"string","subType":"string","description":"string"}'

Request POST /v1/api-keys

{
  "sub": "string",
  "expiry": "string",
  "subType": "string",
  "description": "string"
}

Response POST /v1/api-keys

{
  "id": "string",
  "sub": "string",
  "token": "string",
  "expiry": "2022-11-22T14:26:31.781Z",
  "status": "active",
  "created": "2022-11-22T14:26:31.781Z",
  "subType": "user",
  "tenantId": "string",
  "description": "string",
  "lastUpdated": "2022-11-22T14:26:31.781Z",
  "createdByUser": "string"
}

Gets the API key for a given ID.

authenticate

Facts GET /v1/api-keys/{id}

Rate limit
Tier 1 (1000 requests per minute)

Path Parameters GET /v1/api-keys/{id}

id
string<uid>

The ID of the API key resource to be retrieved.

Responses GET /v1/api-keys/{id}

200
optional, application/json

Returns an API key resource.

403
optional, application/json

Requestor not allowed to query this API key.

404
optional, application/json

API key was not found.

429
optional, application/json

Request has been rate limited.

default
optional, application/json

Unexpected error.

GET/v1/api-keys/{id}

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/api-keys/{id}

{
  "id": "string",
  "sub": "string",
  "expiry": "2022-11-22T14:26:31.781Z",
  "status": "active",
  "created": "2022-11-22T14:26:31.781Z",
  "subType": "user",
  "tenantId": "string",
  "description": "string",
  "lastUpdated": "2022-11-22T14:26:31.781Z",
  "createdByUser": "string"
}

Updates an API key for a given ID.

authenticate

Facts PATCH /v1/api-keys/{id}

Rate limit
Tier 2 (100 requests per minute)

Path Parameters PATCH /v1/api-keys/{id}

id
string<JWT ID (jti)>

The ID of the API key resource to be updated.

Request Body PATCH /v1/api-keys/{id}

optional, application/json

No description

Responses PATCH /v1/api-keys/{id}

204
optional, application/json
object

API key updated successfully.

400
optional, application/json

Invalid request was made.

403
optional, application/json

Requestor not allowed to update this API key.

404
optional, application/json

API key was not found.

429
optional, application/json

Request has been rate limited.

PATCH/v1/api-keys/{id}

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
 -X PATCH \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '[{"op":"replace","path":"/description","value":"my new description"}]'

Request PATCH /v1/api-keys/{id}

[
  {
    "op": "replace",
    "path": "/description",
    "value": "my new description"
  }
]

Deletes or revokes an API key.

authenticate

When the owner of the API key sends the request, the key will be removed. When a TenantAdmin sends the request, the key will be revoked.

Facts DELETE /v1/api-keys/{id}

Rate limit
Tier 2 (100 requests per minute)

Path Parameters DELETE /v1/api-keys/{id}

id
string<uid>

The ID of the API key resource to be retrieved.

Responses DELETE /v1/api-keys/{id}

204
optional, application/json
object

Deleted or revoked an API key resource.

403
optional, application/json

Requestor not allowed to delete or revoke this API key.

404
optional, application/json

API key was not found.

429
optional, application/json

Request has been rate limited.

DELETE/v1/api-keys/{id}

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
 -X DELETE \
 -H "Authorization: Bearer <API-key>"

Gets the API keys configuration for a given tenant ID.

authenticate

Facts GET /v1/api-keys/configs/{tenantId}

Rate limit
Tier 1 (1000 requests per minute)

Path Parameters GET /v1/api-keys/configs/{tenantId}

tenantId
string<uid>

The tenant ID of the API keys configuration to be retrieved.

Responses GET /v1/api-keys/configs/{tenantId}

200
optional, application/json

API keys configuration.

429
optional, application/json

Request has been rate limited.

default
optional, application/json

Unexpected error.

GET/v1/api-keys/configs/{tenantId}

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/api-keys/configs/{tenantId}

{
  "api_keys_enabled": true,
  "max_keys_per_user": 5,
  "max_api_key_expiry": "PT24H",
  "scim_externalClient_expiry": "P365D"
}

Updates the API keys configuration for a given tenant ID.

authenticate

Facts PATCH /v1/api-keys/configs/{tenantId}

Rate limit
Tier 2 (100 requests per minute)

Path Parameters PATCH /v1/api-keys/configs/{tenantId}

tenantId
string<uid>

The tenant ID of the API keys configuration to be retrieved.

Request Body PATCH /v1/api-keys/configs/{tenantId}

optional, application/json

No description

Responses PATCH /v1/api-keys/configs/{tenantId}

204
optional, application/json
object

API keys configuration updated successfully.

400
optional, application/json

Invalid request was made.

403
optional, application/json

Requestor not allowed to update the API keys configuration.

404
optional, application/json

Failed to update the API keys configuration.

429
optional, application/json

Request has been rate limited.

PATCH/v1/api-keys/configs/{tenantId}

curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
 -X PATCH \
 -H "Authorization: Bearer <API-key>" \
 -H "Content-type: application/json" \
 -d '[{"op":"replace","path":"/api_keys_enabled","value":true}]'

Request PATCH /v1/api-keys/configs/{tenantId}

[
  {
    "op": "replace",
    "path": "/api_keys_enabled",
    "value": true
  }
]

ApiKey

object

Properties

id
string<uid>

The unique ID for the resource.

sub
string<uid>

The ID of the subject for the API key.

expiry
string<date-time>

When the API key will expire and no longer be a valid authentication token.

status
string

No description

Enum:

active

expired

revoked

created
optional
string<date-time>

When the API key was created.

subType
string

Type of the subject.

Enum:

user

tenantId
string<uid>

The tenant ID.

description
string

A description for the API key.

lastUpdated
optional
string<date-time>

When the API key was last updated.

createdByUser
string<uid>

The ID of the user who created the key.

ApiKeyBody

Properties

sub
optional
string

The ID of the subject for the API key.

expiry
optional
string

The expiry of the API key, in ISO8601 duration format.

subType
optional
string

Type of the subject.

description
string

Text that describes the API key.

ApiKeyConfigPatch

object

A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.

Properties

op
string

The operation to be performed.

Enum:

replace

path
string

The path for the given resource field to patch.

Enum:

/api_keys_enabled

/max_api_key_expiry

/max_keys_per_user

value

The value to be used for this operation.

ApiKeyPatch

object

A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.

Properties

op
string

The operation to be performed.

Enum:

replace

path
string

The path for the given resource field to patch.

Enum:

/description

value
string

The value to be used for this operation.

ApiKeys

object

Properties

data
optional

No description

ApiKeysConfig

object

Properties

api_keys_enabled
optional, default=false
boolean

Enables or disables API key functionality for the specified tenant.

max_keys_per_user
optional, default=5, minimum=0, maximum=1000
number

The maximum number of active API keys that any user can create for the specified tenant.

max_api_key_expiry
optional, default='PT24H'
string

The maximum lifetime, in ISO8601 duration format, for which an API key can be issued for the specified tenant.

scim_externalClient_expiry
optional, default='P365D'
string

The expiry of the scim externalClient token in ISO8601 duration format. Used during the creation of an externalClient API key.

ApiKeysConfigPatchSchema

Array<ApiKeyConfigPatch>

Properties

op
string

The operation to be performed.

Enum:

replace

path
string

The path for the given resource field to patch.

Enum:

/api_keys_enabled

/max_api_key_expiry

/max_keys_per_user

value

The value to be used for this operation.

ApiKeysPatchSchema

Array<ApiKeyPatch>

Properties

op
string

The operation to be performed.

Enum:

replace

path
string

The path for the given resource field to patch.

Enum:

/description

value
string

The value to be used for this operation.

ApiKeyWithToken

object

Properties

id
string<uid>

The unique ID for the resource.

sub
string<uid>

The ID of the subject for the API key.

token
string

The generated signed JWT.

expiry
string<date-time>

When the API key will expire and no longer be a valid authentication token.

status
string

No description

Enum:

active

expired

revoked

created
optional
string<date-time>

When the API key was created.

subType
string

Type of the subject.

Enum:

user

tenantId
string<uid>

The tenant ID.

description
string

A description for the API key.

lastUpdated
optional
string<date-time>

When the API key was last updated.

createdByUser
string<uid>

The id of the user who created the key.

Error

object

An error object.

Properties

code
string

The error code.

meta
optional
object

Additional properties relating to the error.

title
string

Summary of the problem.

detail
optional
string

A human-readable explanation specific to this occurrence of the problem.

source
optional

References to the source of the error.

status
optional
integer

The HTTP status code.

Errors

object

Properties

errors
optional

No description

v0.509.8
Was this page helpful?