API keys
API keys can be used by developers to gain programmatic access to the Qlik platform, acting as their own user.
Endpoints
Skip to section| GET | /v1/api-keys |
| POST | /v1/api-keys |
| GET | /v1/api-keys/{id} |
| PATCH | /v1/api-keys/{id} |
| DELETE | /v1/api-keys/{id} |
| GET | /v1/api-keys/configs/{tenantId} |
| PATCH | /v1/api-keys/configs/{tenantId} |
Lists API keys for a given tenant ID.
Facts GET /v1/api-keys
Rate limit | Tier 1 (1000 requests per minute) |
Query Parameters GET /v1/api-keys
createdByUser optional string<uid> | The user ID that created the API key. |
endingBefore optional string<uid v4> | Get resources with IDs that are lower than the target resource ID. Cannot be used in conjunction with startingAfter. |
limit optional, default=20, minimum=1, maximum=100 number | Maximum number of API keys to retrieve. |
sort optional, default='-created' string | The field to sort by, with +/- prefix indicating sort order Enum: createdByUser +createdByUser -createdByUser sub +sub -sub status +status -status description +description -description created +created -created |
startingAfter optional string<uid v4> | Get resources with IDs that are higher than the target resource ID. Cannot be used in conjunction with endingBefore. |
status optional string<uid> | The status of the API key. Enum: active expired revoked |
sub optional string<uid> | The ID of the subject. |
Responses GET /v1/api-keys
200 optional, application/json | An array of API keys. |
400 optional, application/json | Invalid request was made. |
403 optional, application/json | Requestor not allowed to list API keys. |
429 optional, application/json | Request has been rate limited. |
GET/v1/api-keys
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
-H "Authorization: Bearer <API-key>"Response GET /v1/api-keys
{
"data": [
{
"id": "string",
"sub": "string",
"expiry": "2022-11-22T14:26:31.781Z",
"status": "active",
"created": "2022-11-22T14:26:31.781Z",
"subType": "user",
"tenantId": "string",
"description": "string",
"lastUpdated": "2022-11-22T14:26:31.781Z",
"createdByUser": "string"
}
]
}Creates an API key resource.
Facts POST /v1/api-keys
Rate limit | Tier 2 (100 requests per minute) |
Request Body POST /v1/api-keys
application/json | No description |
Responses POST /v1/api-keys
201 optional, application/json | Created the API key successfully. |
400 optional, application/json | Invalid request was made. |
403 optional, application/json | Requestor not allowed to create an API key |
429 optional, application/json | Request has been rate limited. |
default optional, application/json | Unexpected error. |
POST/v1/api-keys
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
-X POST \
-H "Authorization: Bearer <API-key>" \
-H "Content-type: application/json" \
-d '{"sub":"string","expiry":"string","subType":"string","description":"string"}'Request POST /v1/api-keys
{
"sub": "string",
"expiry": "string",
"subType": "string",
"description": "string"
}Response POST /v1/api-keys
{
"id": "string",
"sub": "string",
"token": "string",
"expiry": "2022-11-22T14:26:31.781Z",
"status": "active",
"created": "2022-11-22T14:26:31.781Z",
"subType": "user",
"tenantId": "string",
"description": "string",
"lastUpdated": "2022-11-22T14:26:31.781Z",
"createdByUser": "string"
}Gets the API key for a given ID.
Facts GET /v1/api-keys/{id}
Rate limit | Tier 1 (1000 requests per minute) |
Path Parameters GET /v1/api-keys/{id}
id string<uid> | The ID of the API key resource to be retrieved. |
Responses GET /v1/api-keys/{id}
200 optional, application/json | Returns an API key resource. |
403 optional, application/json | Requestor not allowed to query this API key. |
404 optional, application/json | API key was not found. |
429 optional, application/json | Request has been rate limited. |
default optional, application/json | Unexpected error. |
GET/v1/api-keys/{id}
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-H "Authorization: Bearer <API-key>"Response GET /v1/api-keys/{id}
{
"id": "string",
"sub": "string",
"expiry": "2022-11-22T14:26:31.781Z",
"status": "active",
"created": "2022-11-22T14:26:31.781Z",
"subType": "user",
"tenantId": "string",
"description": "string",
"lastUpdated": "2022-11-22T14:26:31.781Z",
"createdByUser": "string"
}Updates an API key for a given ID.
Facts PATCH /v1/api-keys/{id}
Rate limit | Tier 2 (100 requests per minute) |
Path Parameters PATCH /v1/api-keys/{id}
id string<JWT ID (jti)> | The ID of the API key resource to be updated. |
Request Body PATCH /v1/api-keys/{id}
optional, application/json | No description |
Responses PATCH /v1/api-keys/{id}
204 optional, application/json object | API key updated successfully. |
400 optional, application/json | Invalid request was made. |
403 optional, application/json | Requestor not allowed to update this API key. |
404 optional, application/json | API key was not found. |
429 optional, application/json | Request has been rate limited. |
PATCH/v1/api-keys/{id}
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-X PATCH \
-H "Authorization: Bearer <API-key>" \
-H "Content-type: application/json" \
-d '[{"op":"replace","path":"/description","value":"my new description"}]'Request PATCH /v1/api-keys/{id}
[
{
"op": "replace",
"path": "/description",
"value": "my new description"
}
]Deletes or revokes an API key.
When the owner of the API key sends the request, the key will be removed. When a TenantAdmin sends the request, the key will be revoked.
Facts DELETE /v1/api-keys/{id}
Rate limit | Tier 2 (100 requests per minute) |
Path Parameters DELETE /v1/api-keys/{id}
id string<uid> | The ID of the API key resource to be retrieved. |
Responses DELETE /v1/api-keys/{id}
204 optional, application/json object | Deleted or revoked an API key resource. |
403 optional, application/json | Requestor not allowed to delete or revoke this API key. |
404 optional, application/json | API key was not found. |
429 optional, application/json | Request has been rate limited. |
DELETE/v1/api-keys/{id}
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-X DELETE \
-H "Authorization: Bearer <API-key>"Gets the API keys configuration for a given tenant ID.
Facts GET /v1/api-keys/configs/{tenantId}
Rate limit | Tier 1 (1000 requests per minute) |
Path Parameters GET /v1/api-keys/configs/{tenantId}
tenantId string<uid> | The tenant ID of the API keys configuration to be retrieved. |
Responses GET /v1/api-keys/configs/{tenantId}
200 optional, application/json | API keys configuration. |
429 optional, application/json | Request has been rate limited. |
default optional, application/json | Unexpected error. |
GET/v1/api-keys/configs/{tenantId}
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
-H "Authorization: Bearer <API-key>"Response GET /v1/api-keys/configs/{tenantId}
{
"api_keys_enabled": true,
"max_keys_per_user": 5,
"max_api_key_expiry": "PT24H",
"scim_externalClient_expiry": "P365D"
}Updates the API keys configuration for a given tenant ID.
Facts PATCH /v1/api-keys/configs/{tenantId}
Rate limit | Tier 2 (100 requests per minute) |
Path Parameters PATCH /v1/api-keys/configs/{tenantId}
tenantId string<uid> | The tenant ID of the API keys configuration to be retrieved. |
Request Body PATCH /v1/api-keys/configs/{tenantId}
optional, application/json | No description |
Responses PATCH /v1/api-keys/configs/{tenantId}
204 optional, application/json object | API keys configuration updated successfully. |
400 optional, application/json | Invalid request was made. |
403 optional, application/json | Requestor not allowed to update the API keys configuration. |
404 optional, application/json | Failed to update the API keys configuration. |
429 optional, application/json | Request has been rate limited. |
PATCH/v1/api-keys/configs/{tenantId}
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
-X PATCH \
-H "Authorization: Bearer <API-key>" \
-H "Content-type: application/json" \
-d '[{"op":"replace","path":"/api_keys_enabled","value":true}]'Request PATCH /v1/api-keys/configs/{tenantId}
[
{
"op": "replace",
"path": "/api_keys_enabled",
"value": true
}
]ApiKey
objectProperties
id string<uid> | The unique ID for the resource. |
sub string<uid> | The ID of the subject for the API key. |
expiry string<date-time> | When the API key will expire and no longer be a valid authentication token. |
status string | No description Enum: active expired revoked |
created optional string<date-time> | When the API key was created. |
subType string | Type of the subject. Enum: user |
tenantId string<uid> | The tenant ID. |
description string | A description for the API key. |
lastUpdated optional string<date-time> | When the API key was last updated. |
createdByUser string<uid> | The ID of the user who created the key. |
ApiKeyBody
Properties
sub optional string | The ID of the subject for the API key. |
expiry optional string | The expiry of the API key, in ISO8601 duration format. |
subType optional string | Type of the subject. |
description string | Text that describes the API key. |
ApiKeyConfigPatch
objectA JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
Properties
op string | The operation to be performed. Enum: replace |
path string | The path for the given resource field to patch. Enum: /api_keys_enabled /max_api_key_expiry /max_keys_per_user |
value | The value to be used for this operation. |
ApiKeyPatch
objectA JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
Properties
op string | The operation to be performed. Enum: replace |
path string | The path for the given resource field to patch. Enum: /description |
value string | The value to be used for this operation. |
ApiKeys
objectProperties
data optional | No description |
ApiKeysConfig
objectProperties
api_keys_enabled optional, default=false boolean | Enables or disables API key functionality for the specified tenant. |
max_keys_per_user optional, default=5, minimum=0, maximum=1000 number | The maximum number of active API keys that any user can create for the specified tenant. |
max_api_key_expiry optional, default='PT24H' string | The maximum lifetime, in ISO8601 duration format, for which an API key can be issued for the specified tenant. |
scim_externalClient_expiry optional, default='P365D' string | The expiry of the scim externalClient token in ISO8601 duration format. Used during the creation of an externalClient API key. |
ApiKeysConfigPatchSchema
Array<ApiKeyConfigPatch>Properties
op string | The operation to be performed. Enum: replace |
path string | The path for the given resource field to patch. Enum: /api_keys_enabled /max_api_key_expiry /max_keys_per_user |
value | The value to be used for this operation. |
ApiKeysPatchSchema
Array<ApiKeyPatch>Properties
op string | The operation to be performed. Enum: replace |
path string | The path for the given resource field to patch. Enum: /description |
value string | The value to be used for this operation. |
ApiKeyWithToken
objectProperties
id string<uid> | The unique ID for the resource. |
sub string<uid> | The ID of the subject for the API key. |
token string | The generated signed JWT. |
expiry string<date-time> | When the API key will expire and no longer be a valid authentication token. |
status string | No description Enum: active expired revoked |
created optional string<date-time> | When the API key was created. |
subType string | Type of the subject. Enum: user |
tenantId string<uid> | The tenant ID. |
description string | A description for the API key. |
lastUpdated optional string<date-time> | When the API key was last updated. |
createdByUser string<uid> | The id of the user who created the key. |
Error
objectAn error object.
Properties
code string | The error code. |
meta optional object | Additional properties relating to the error. |
title string | Summary of the problem. |
detail optional string | A human-readable explanation specific to this occurrence of the problem. |
source optional | References to the source of the error. |
status optional integer | The HTTP status code. |
Errors
objectProperties
errors optional | No description |
