API keys
API keys can be used by developers to gain programmatic access to the Qlik platform, acting as their own user.
Facts
Rate limit | Tier 1 (1000 requests per minute) |
Categories | externalauthenticate |
Query Parameters
- createdByUserstring
The user ID that created the API key.
- endingBeforestring
Get resources with IDs that are lower than the target resource ID. Cannot be used in conjunction with startingAfter.
- limitnumber
Maximum number of API keys to retrieve.
- sortstring
The field to sort by, with +/- prefix indicating sort order
Can be one of: "createdByUser""+createdByUser""-createdByUser""sub""+sub""-sub""status""+status""-status""description""+description""-description""created""+created""-created"
- startingAfterstring
Get resources with IDs that are higher than the target resource ID. Cannot be used in conjunction with endingBefore.
- statusstring
The status of the API key.
Can be one of: "active""expired""revoked"
- substring
The ID of the subject.
Responses
200
application/json
The API keys page result.
- application/jsonobject
application/json properties
- dataarray of objectsRequired
Properties of API keys in a given tenant.
data properties
- idstringRequired
The unique ID for the resource.
- substringRequired
The ID of the subject for the API key. For SCIM the format is
SCIM\\{{IDP-ID}}
, where{{IDP-ID}}
is the ID of the IDP in Qlik. - expirystringRequired
When the API key will expire and no longer be a valid authentication token.
- statusstringRequired
The status of the API key.
Can be one of: "active""expired""revoked"
- createdstring
When the API key was created.
- subTypestringRequired
Type of the subject. For SCIM, it should be
externalClient
.Can be one of: "user""externalClient"
- tenantIdstringRequired
The tenant ID.
- descriptionstringRequired
A description for the API key.
- lastUpdatedstring
When the API key was last updated.
- createdByUserstringRequired
The ID of the user who created the key.
-
- linksobjectRequired
Navigation links to page results.
links properties
- nextobject
next properties
- hrefstringRequired
The URL for the link.
-
- prevobject
prev properties
- hrefstringRequired
The URL for the link.
-
- selfobjectRequired
self properties
- hrefstringRequired
The URL for the link.
-
-
-
400
application/json
Invalid request was made.
- application/jsonobject
application/json properties
- errorsarray of objects
List of errors and their properties.
errors properties
- codestringRequired
The error code.
- metaobject
Additional properties relating to the error.
- titlestringRequired
Summary of the problem.
- detailstring
A human-readable explanation specific to this occurrence of the problem.
- sourceobject
References to the source of the error.
source properties
- pointerstring
A JSON Pointer to the property that caused the error.
- parameterstring
The URI query parameter that caused the error.
-
- statusinteger
The HTTP status code.
-
-
403
application/json
Requestor not allowed to list API keys.
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
qlik api-key ls
Response
{
"data": [
{
"id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"sub": "SCIM\\\\215g5595380d646163cadbb9",
"expiry": "2018-10-30T07:06:22Z",
"status": "active",
"created": "2018-10-30T07:06:22Z",
"subType": "user",
"tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"description": "string",
"lastUpdated": "2018-10-30T07:06:22Z",
"createdByUser": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69"
}
],
"links": {
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}
Facts
Rate limit | Tier 2 (100 requests per minute) |
Categories | externalauthenticate |
Request Body
Requiredapplication/json
Properties that the user wants to set for the API key.
- application/jsonobject
application/json properties
- substring
The ID of the subject for the API key. For SCIM the format is
SCIM\\{{IDP-ID}}
, where{{IDP-ID}}
is the ID of the IDP in Qlik. - expirystring
The expiry of the API key, in ISO8601 duration format.
- subTypestring
Type of the subject. For SCIM, it should be
externalClient
.Can be one of: "user""externalClient"
- descriptionstringRequired
Text that describes the API key.
-
Responses
201
application/json
Created the API key successfully.
- application/jsonobject
application/json properties
- idstringRequired
The unique ID for the resource.
- substringRequired
The ID of the subject for the API key.
- tokenstringRequired
The generated signed JWT.
- expirystringRequired
When the API key will expire and no longer be a valid authentication token.
- statusstringRequired
The status of the API key.
Can be one of: "active""expired""revoked"
- createdstring
When the API key was created.
- subTypestringRequired
Type of the subject.
Can be one of: "user"
- tenantIdstringRequired
The tenant ID.
- descriptionstringRequired
A description for the API key.
- lastUpdatedstring
When the API key was last updated.
- createdByUserstringRequired
The id of the user who created the key.
-
400
application/json
Invalid request was made.
- application/jsonobject
application/json properties
- errorsarray of objects
-
403
application/json
Requestor not allowed to create an API key
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
default
application/json
Unexpected error.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys" \
-X POST \
-H "Content-type: application/json" \
-H "Authorization: Bearer <API-key>" \
-d '{"sub":"SCIM\\\\215g5595380d646163cadbb9","expiry":"string","subType":"user","description":"string"}'
const https = require('https')
const data = JSON.stringify({"sub":"SCIM\\\\215g5595380d646163cadbb9","expiry":"string","subType":"user","description":"string"})
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys',
'method': 'POST',
'headers': {
'Content-type': 'application/json',
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
req.write(data)
qlik api-key create \
--description="string" \
--expiry="string" \
--sub="SCIM\\215g5595380d646163cadbb9" \
--subType="user"
Request
{
"sub": "SCIM\\\\215g5595380d646163cadbb9",
"expiry": "string",
"subType": "user",
"description": "string"
}
Response
{
"id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"sub": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"token": "string",
"expiry": "2018-10-30T07:06:22Z",
"status": "active",
"created": "2018-10-30T07:06:22Z",
"subType": "user",
"tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"description": "string",
"lastUpdated": "2018-10-30T07:06:22Z",
"createdByUser": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69"
}
Facts
Rate limit | Tier 1 (1000 requests per minute) |
Categories | externalauthenticate |
Path Parameters
- idstringRequired
The ID of the API key resource to be retrieved.
Responses
200
application/json
Returns an API key resource.
- application/jsonobject
application/json properties
- idstringRequired
The unique ID for the resource.
- substringRequired
The ID of the subject for the API key. For SCIM the format is
SCIM\\{{IDP-ID}}
, where{{IDP-ID}}
is the ID of the IDP in Qlik. - expirystringRequired
When the API key will expire and no longer be a valid authentication token.
- statusstringRequired
The status of the API key.
Can be one of: "active""expired""revoked"
- createdstring
When the API key was created.
- subTypestringRequired
Type of the subject. For SCIM, it should be
externalClient
.Can be one of: "user""externalClient"
- tenantIdstringRequired
The tenant ID.
- descriptionstringRequired
A description for the API key.
- lastUpdatedstring
When the API key was last updated.
- createdByUserstringRequired
The ID of the user who created the key.
-
403
application/json
Requestor not allowed to query this API key.
- application/jsonobject
application/json properties
- errorsarray of objects
-
404
application/json
API key was not found.
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
default
application/json
Unexpected error.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys/{id}',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
qlik api-key get <api-keyId>
Response
{
"id": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"sub": "SCIM\\\\215g5595380d646163cadbb9",
"expiry": "2018-10-30T07:06:22Z",
"status": "active",
"created": "2018-10-30T07:06:22Z",
"subType": "user",
"tenantId": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69",
"description": "string",
"lastUpdated": "2018-10-30T07:06:22Z",
"createdByUser": "TiQ8GPVr8qI714Lp5ChAAFFaU24MJy69"
}
Facts
Rate limit | Tier 2 (100 requests per minute) |
Categories | externalauthenticate |
Path Parameters
- idstringRequired
The ID of the API key resource to be updated.
Request Body
Requiredapplication/json
Properties that the user wants to update for the API key.
A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
- application/jsonarray of objects
A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
application/json properties
- opstringRequired
The operation to be performed.
Can be one of: "replace"
- pathstringRequired
The path for the given resource field to patch.
Can be one of: "/description"
- valuestringRequired
The value to be used for this operation.
-
Responses
204
API key updated successfully.
400
application/json
Invalid request was made.
- application/jsonobject
application/json properties
- errorsarray of objects
-
403
application/json
Requestor not allowed to update this API key.
- application/jsonobject
application/json properties
- errorsarray of objects
-
404
application/json
API key was not found.
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-X PATCH \
-H "Content-type: application/json" \
-H "Authorization: Bearer <API-key>" \
-d '[{"op":"replace","path":"/description","value":"my new description"}]'
const https = require('https')
const data = JSON.stringify([{"op":"replace","path":"/description","value":"my new description"}])
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys/{id}',
'method': 'PATCH',
'headers': {
'Content-type': 'application/json',
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
req.write(data)
qlik api-key patch <api-keyId> \
--body='[{"op":"replace","path":"/description","value":"my new description"}]'
Request
[
{
"op": "replace",
"path": "/description",
"value": "my new description"
}
]
When the owner of the API key sends the request, the key will be removed. When a TenantAdmin sends the request, the key will be revoked.
Facts
Rate limit | Tier 2 (100 requests per minute) |
Categories | externalauthenticate |
Path Parameters
- idstringRequired
The ID of the API key resource to be retrieved.
Responses
204
Deleted or revoked an API key resource.
403
application/json
Requestor not allowed to delete or revoke this API key.
- application/jsonobject
application/json properties
- errorsarray of objects
-
404
application/json
API key was not found.
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/{id}" \
-X DELETE \
-H "Authorization: Bearer <API-key>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys/{id}',
'method': 'DELETE',
'headers': {
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
qlik api-key rm <api-keyId>
Facts
Rate limit | Tier 1 (1000 requests per minute) |
Categories | externalauthenticate |
Path Parameters
- tenantIdstringRequired
The tenant ID of the API keys configuration to be retrieved.
Responses
200
application/json
API keys configuration.
- application/jsonobject
application/json properties
- api_keys_enabledboolean
Enables or disables API key functionality for the specified tenant.
- max_keys_per_usernumber
The maximum number of active API keys that any user can create for the specified tenant.
- max_api_key_expirystring
The maximum lifetime, in ISO8601 duration format, for which an API key can be issued for the specified tenant.
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
default
application/json
Unexpected error.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
-H "Authorization: Bearer <API-key>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys/configs/{tenantId}',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
qlik api-key config get <tenantId>
Response
{
"api_keys_enabled": false,
"max_keys_per_user": 5,
"max_api_key_expiry": "PT24H"
}
Facts
Rate limit | Tier 2 (100 requests per minute) |
Categories | externalauthenticate |
Path Parameters
- tenantIdstringRequired
The tenant ID of the API keys configuration to be retrieved.
Request Body
Requiredapplication/json
Configurations that the user wants to update for API keys.
A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
- application/jsonarray of objects
A JSON Patch document as defined in https://datatracker.ietf.org/doc/html/rfc6902.
application/json properties
- opstringRequired
The operation to be performed.
Can be one of: "replace"
- pathstringRequired
The path for the given resource field to patch.
Can be one of: "/api_keys_enabled""/max_api_key_expiry""/max_keys_per_user"
- valueanyRequired
The value to be used for this operation.
-
Responses
204
API keys configuration updated successfully.
400
application/json
Invalid request was made.
- application/jsonobject
application/json properties
- errorsarray of objects
-
403
application/json
Requestor not allowed to update the API keys configuration.
- application/jsonobject
application/json properties
- errorsarray of objects
-
404
application/json
Failed to update the API keys configuration.
- application/jsonobject
application/json properties
- errorsarray of objects
-
429
application/json
Request has been rate limited.
- application/jsonobject
application/json properties
- errorsarray of objects
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/api-keys/configs/{tenantId}" \
-X PATCH \
-H "Content-type: application/json" \
-H "Authorization: Bearer <API-key>" \
-d '[{"op":"replace","path":"/api_keys_enabled","value":true}]'
const https = require('https')
const data = JSON.stringify([{"op":"replace","path":"/api_keys_enabled","value":true}])
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/api-keys/configs/{tenantId}',
'method': 'PATCH',
'headers': {
'Content-type': 'application/json',
'Authorization': 'Bearer <API-key>'
}
}
const req = https.request(options)
req.write(data)
qlik api-key config patch <tenantId> \
--body='[{"op":"replace","path":"/api_keys_enabled","value":true}]'
Request
[
{
"op": "replace",
"path": "/api_keys_enabled",
"value": true
}
]