keys
Creates, updates, deletes, gets or lists a keys resource.
Overview
| Name | keys |
| Type | Resource |
| Id | google.apigee.keys |
Fields
The following fields are returned by SELECT queries:
- organizations_developers_apps_keys_get
- organizations_appgroups_apps_keys_get
Successful response
| Name | Datatype | Description |
|---|---|---|
apiProducts | array | List of API products for which the credential can be used. Note: Do not specify the list of API products when creating a consumer key and secret for a developer app. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. |
attributes | array | List of attributes associated with the credential. |
consumerKey | string | Consumer key. |
consumerSecret | string | Secret key. |
expiresAt | string (int64) | Time the developer app expires in milliseconds since epoch. |
expiresInSeconds | string (int64) | Input only. Expiration time, in seconds, for the consumer key. If not set or left to the default value of -1, the API key never expires. The expiration time can't be updated after it is set. |
issuedAt | string (int64) | Time the developer app was created in milliseconds since epoch. |
scopes | array | Scopes to apply to the app. The specified scope names must already be defined for the API product that you associate with the app. |
status | string | Status of the credential. Valid values include approved or revoked. |
Successful response
| Name | Datatype | Description |
|---|---|---|
apiProducts | array | Output only. List of API products and its status for which the credential can be used. Note: Use UpdateAppGroupAppKeyApiProductRequest API to make the association after the consumer key and secret are created. |
attributes | array | List of attributes associated with the credential. |
consumerKey | string | Immutable. Consumer key. |
consumerSecret | string | Secret key. |
expiresAt | string (int64) | Output only. Time the AppGroup app expires in milliseconds since epoch. |
expiresInSeconds | string (int64) | Immutable. Expiration time, in seconds, for the consumer key. If not set or left to the default value of -1, the API key never expires. The expiration time can't be updated after it is set. |
issuedAt | string (int64) | Output only. Time the AppGroup app was created in milliseconds since epoch. |
scopes | array | Scopes to apply to the app. The specified scope names must already be defined for the API product that you associate with the app. |
status | string | Status of the credential. Valid values include approved or revoked. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
organizations_developers_apps_keys_get | select | organizationsId, developersId, appsId, keysId | Gets details for a consumer key for a developer app, including the key and secret value, associated API products, and other information. | |
organizations_appgroups_apps_keys_get | select | organizationsId, appgroupsId, appsId, keysId | Gets details for a consumer key for a AppGroup app, including the key and secret value, associated API products, and other information. | |
organizations_developers_apps_keys_create | insert | organizationsId, developersId, appsId | Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API. | |
organizations_appgroups_apps_keys_create | insert | organizationsId, appgroupsId, appsId | Creates a custom consumer key and secret for a AppGroup app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateAppGroupAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteAppGroupAppKey API. | |
organizations_developers_apps_keys_replace_developer_app_key | replace | organizationsId, developersId, appsId, keysId | Updates the scope of an app. This API replaces the existing scopes with those specified in the request. Include or exclude any existing scopes that you want to retain or delete, respectively. The specified scopes must already be defined for the API products associated with the app. This API sets the scopes element under the apiProducts element in the attributes of the app. | |
organizations_developers_apps_keys_apiproducts_delete | delete | organizationsId, developersId, appsId, keysId, apiproductsId | Removes an API product from an app's consumer key. After the API product is removed, the app cannot access the API resources defined in that API product. Note: The consumer key is not removed, only its association with the API product. | |
organizations_developers_apps_keys_delete | delete | organizationsId, developersId, appsId, keysId | Deletes an app's consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs. Note: After you delete a consumer key, you may want to: 1. Create a new consumer key and secret for the developer app using the CreateDeveloperAppKey API, and subsequently add an API product to the key using the UpdateDeveloperAppKey API. 2. Delete the developer app, if it is no longer required. | |
organizations_appgroups_apps_keys_delete | delete | organizationsId, appgroupsId, appsId, keysId | Deletes an app's consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs. | |
organizations_developers_apps_keys_update_developer_app_key | exec | organizationsId, developersId, appsId, keysId | action | Adds an API product to a developer app key, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes and scopes associated with the API product to the developer app key. The status of the key can be updated via "action" Query Parameter. None of the other fields can be updated via this API. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. None of the other fields can be updated. You can use the same key to access all API products associated with the app. |
organizations_developers_apps_keys_create_create | exec | organizationsId, developersId, appsId | Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API. | |
organizations_developers_apps_keys_apiproducts_update_developer_app_key_api_product | exec | organizationsId, developersId, appsId, keysId, apiproductsId | action | Approves or revokes the consumer key for an API product. After a consumer key is approved, the app can use it to access APIs. A consumer key that is revoked or pending cannot be used to access an API. Any access tokens associated with a revoked consumer key will remain active. However, Apigee checks the status of the consumer key and if set to revoked will not allow access to the API. |
organizations_appgroups_apps_keys_update_app_group_app_key | exec | organizationsId, appgroupsId, appsId, keysId | Adds an API product to an AppGroupAppKey, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes and scopes to the AppGroupAppKey. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. You can use the same key to access all API products associated with the app. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
apiproductsId | string | |
appgroupsId | string | |
appsId | string | |
developersId | string | |
keysId | string | |
organizationsId | string | |
action | string |
SELECT examples
- organizations_developers_apps_keys_get
- organizations_appgroups_apps_keys_get
Gets details for a consumer key for a developer app, including the key and secret value, associated API products, and other information.
SELECT
apiProducts,
attributes,
consumerKey,
consumerSecret,
expiresAt,
expiresInSeconds,
issuedAt,
scopes,
status
FROM google.apigee.keys
WHERE organizationsId = '{{ organizationsId }}' -- required
AND developersId = '{{ developersId }}' -- required
AND appsId = '{{ appsId }}' -- required
AND keysId = '{{ keysId }}' -- required;
Gets details for a consumer key for a AppGroup app, including the key and secret value, associated API products, and other information.
SELECT
apiProducts,
attributes,
consumerKey,
consumerSecret,
expiresAt,
expiresInSeconds,
issuedAt,
scopes,
status
FROM google.apigee.keys
WHERE organizationsId = '{{ organizationsId }}' -- required
AND appgroupsId = '{{ appgroupsId }}' -- required
AND appsId = '{{ appsId }}' -- required
AND keysId = '{{ keysId }}' -- required;
INSERT examples
- organizations_developers_apps_keys_create
- organizations_appgroups_apps_keys_create
- Manifest
Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API.
INSERT INTO google.apigee.keys (
data__apiProducts,
data__attributes,
data__consumerKey,
data__consumerSecret,
data__expiresAt,
data__issuedAt,
data__scopes,
data__status,
data__expiresInSeconds,
organizationsId,
developersId,
appsId
)
SELECT
'{{ apiProducts }}',
'{{ attributes }}',
'{{ consumerKey }}',
'{{ consumerSecret }}',
'{{ expiresAt }}',
'{{ issuedAt }}',
'{{ scopes }}',
'{{ status }}',
'{{ expiresInSeconds }}',
'{{ organizationsId }}',
'{{ developersId }}',
'{{ appsId }}'
RETURNING
apiProducts,
attributes,
consumerKey,
consumerSecret,
expiresAt,
expiresInSeconds,
issuedAt,
scopes,
status
;
Creates a custom consumer key and secret for a AppGroup app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateAppGroupAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteAppGroupAppKey API.
INSERT INTO google.apigee.keys (
data__attributes,
data__consumerKey,
data__consumerSecret,
data__scopes,
data__status,
data__expiresInSeconds,
organizationsId,
appgroupsId,
appsId
)
SELECT
'{{ attributes }}',
'{{ consumerKey }}',
'{{ consumerSecret }}',
'{{ scopes }}',
'{{ status }}',
'{{ expiresInSeconds }}',
'{{ organizationsId }}',
'{{ appgroupsId }}',
'{{ appsId }}'
RETURNING
apiProducts,
attributes,
consumerKey,
consumerSecret,
expiresAt,
expiresInSeconds,
issuedAt,
scopes,
status
;
# Description fields are for documentation purposes
- name: keys
props:
- name: organizationsId
value: string
description: Required parameter for the keys resource.
- name: developersId
value: string
description: Required parameter for the keys resource.
- name: appsId
value: string
description: Required parameter for the keys resource.
- name: appgroupsId
value: string
description: Required parameter for the keys resource.
- name: apiProducts
value: array
description: >
List of API products for which the credential can be used. **Note**: Do not specify the list of API products when creating a consumer key and secret for a developer app. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created.
- name: attributes
value: array
description: >
List of attributes associated with the credential.
- name: consumerKey
value: string
description: >
Immutable. Consumer key.
- name: consumerSecret
value: string
description: >
Secret key.
- name: expiresAt
value: string
description: >
Time the developer app expires in milliseconds since epoch.
- name: issuedAt
value: string
description: >
Time the developer app was created in milliseconds since epoch.
- name: scopes
value: array
description: >
Scopes to apply to the app. The specified scope names must already be defined for the API product that you associate with the app.
- name: status
value: string
description: >
Status of the credential. Valid values include `approved` or `revoked`.
- name: expiresInSeconds
value: string
description: >
Immutable. Expiration time, in seconds, for the consumer key. If not set or left to the default value of `-1`, the API key never expires. The expiration time can't be updated after it is set.
REPLACE examples
- organizations_developers_apps_keys_replace_developer_app_key
Updates the scope of an app. This API replaces the existing scopes with those specified in the request. Include or exclude any existing scopes that you want to retain or delete, respectively. The specified scopes must already be defined for the API products associated with the app. This API sets the scopes element under the apiProducts element in the attributes of the app.
REPLACE google.apigee.keys
SET
data__apiProducts = '{{ apiProducts }}',
data__attributes = '{{ attributes }}',
data__consumerKey = '{{ consumerKey }}',
data__consumerSecret = '{{ consumerSecret }}',
data__expiresAt = '{{ expiresAt }}',
data__issuedAt = '{{ issuedAt }}',
data__scopes = '{{ scopes }}',
data__status = '{{ status }}',
data__expiresInSeconds = '{{ expiresInSeconds }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND developersId = '{{ developersId }}' --required
AND appsId = '{{ appsId }}' --required
AND keysId = '{{ keysId }}' --required
RETURNING
apiProducts,
attributes,
consumerKey,
consumerSecret,
expiresAt,
expiresInSeconds,
issuedAt,
scopes,
status;
DELETE examples
- organizations_developers_apps_keys_apiproducts_delete
- organizations_developers_apps_keys_delete
- organizations_appgroups_apps_keys_delete
Removes an API product from an app's consumer key. After the API product is removed, the app cannot access the API resources defined in that API product. Note: The consumer key is not removed, only its association with the API product.
DELETE FROM google.apigee.keys
WHERE organizationsId = '{{ organizationsId }}' --required
AND developersId = '{{ developersId }}' --required
AND appsId = '{{ appsId }}' --required
AND keysId = '{{ keysId }}' --required
AND apiproductsId = '{{ apiproductsId }}' --required;
Deletes an app's consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs. Note: After you delete a consumer key, you may want to: 1. Create a new consumer key and secret for the developer app using the CreateDeveloperAppKey API, and subsequently add an API product to the key using the UpdateDeveloperAppKey API. 2. Delete the developer app, if it is no longer required.
DELETE FROM google.apigee.keys
WHERE organizationsId = '{{ organizationsId }}' --required
AND developersId = '{{ developersId }}' --required
AND appsId = '{{ appsId }}' --required
AND keysId = '{{ keysId }}' --required;
Deletes an app's consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs.
DELETE FROM google.apigee.keys
WHERE organizationsId = '{{ organizationsId }}' --required
AND appgroupsId = '{{ appgroupsId }}' --required
AND appsId = '{{ appsId }}' --required
AND keysId = '{{ keysId }}' --required;
Lifecycle Methods
- organizations_developers_apps_keys_update_developer_app_key
- organizations_developers_apps_keys_create_create
- organizations_developers_apps_keys_apiproducts_update_developer_app_key_api_product
- organizations_appgroups_apps_keys_update_app_group_app_key
Adds an API product to a developer app key, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes and scopes associated with the API product to the developer app key. The status of the key can be updated via "action" Query Parameter. None of the other fields can be updated via this API. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. None of the other fields can be updated. You can use the same key to access all API products associated with the app.
EXEC google.apigee.keys.organizations_developers_apps_keys_update_developer_app_key
@organizationsId='{{ organizationsId }}' --required,
@developersId='{{ developersId }}' --required,
@appsId='{{ appsId }}' --required,
@keysId='{{ keysId }}' --required,
@action='{{ action }}'
@@json=
'{
"apiProducts": "{{ apiProducts }}",
"attributes": "{{ attributes }}",
"consumerKey": "{{ consumerKey }}",
"consumerSecret": "{{ consumerSecret }}",
"expiresAt": "{{ expiresAt }}",
"issuedAt": "{{ issuedAt }}",
"scopes": "{{ scopes }}",
"status": "{{ status }}",
"expiresInSeconds": "{{ expiresInSeconds }}"
}';
Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API.
EXEC google.apigee.keys.organizations_developers_apps_keys_create_create
@organizationsId='{{ organizationsId }}' --required,
@developersId='{{ developersId }}' --required,
@appsId='{{ appsId }}' --required
@@json=
'{
"apiProducts": "{{ apiProducts }}",
"attributes": "{{ attributes }}",
"consumerKey": "{{ consumerKey }}",
"consumerSecret": "{{ consumerSecret }}",
"expiresAt": "{{ expiresAt }}",
"issuedAt": "{{ issuedAt }}",
"scopes": "{{ scopes }}",
"status": "{{ status }}",
"expiresInSeconds": "{{ expiresInSeconds }}"
}';
Approves or revokes the consumer key for an API product. After a consumer key is approved, the app can use it to access APIs. A consumer key that is revoked or pending cannot be used to access an API. Any access tokens associated with a revoked consumer key will remain active. However, Apigee checks the status of the consumer key and if set to revoked will not allow access to the API.
EXEC google.apigee.keys.organizations_developers_apps_keys_apiproducts_update_developer_app_key_api_product
@organizationsId='{{ organizationsId }}' --required,
@developersId='{{ developersId }}' --required,
@appsId='{{ appsId }}' --required,
@keysId='{{ keysId }}' --required,
@apiproductsId='{{ apiproductsId }}' --required,
@action='{{ action }}';
Adds an API product to an AppGroupAppKey, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes and scopes to the AppGroupAppKey. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. You can use the same key to access all API products associated with the app.
EXEC google.apigee.keys.organizations_appgroups_apps_keys_update_app_group_app_key
@organizationsId='{{ organizationsId }}' --required,
@appgroupsId='{{ appgroupsId }}' --required,
@appsId='{{ appsId }}' --required,
@keysId='{{ keysId }}' --required
@@json=
'{
"action": "{{ action }}",
"appGroupAppKey": "{{ appGroupAppKey }}",
"apiProducts": "{{ apiProducts }}"
}';