Apikeys
An API key is a unique identifier used to connect to, or perform, an route call.
You can found a concrete example here
ApiKey Id
: the id is a unique random key that will represent this API keyApiKey Secret
: the secret is a random key used to validate the API keyApiKey Name
: a name for the API key, used for debug purposesApiKey description
: a useful description for this apikeyValid until
: auto disable apikey after this dateEnabled
: if the API key is disabled, then any call using this API key will failRead only
: if the API key is in read only mode, every request done with this api key will only work for GET, HEAD, OPTIONS verbsAllow pass by clientid only
: here you allow client to only pass client id in a specific header in order to grant access to the underlying apiConstrained services only
: this apikey can only be used on services using apikey routing constraintsAuthorized on
: the groups/services linked to this api key
Metadata and tags
Tags
: tags attached to the api keyMetadata
: metadata attached to the api key
Automatic secret rotation
API can handle automatic secret rotation by themselves. When enabled, the rotation changes the secret every Rotation every
duration. During the Grace period
both secret will be usable.
Enabled
: enabled automatic apikey secret rotationRotation every
: rotate secrets everyGrace period
: period when both secrets can be usedNext client secret
: display the next generated client secret
Restrictions
Enabled
: enable restrictionsAllow last
: Otoroshi will test forbidden and notFound paths before testing allowed pathsAllowed
: allowed pathsForbidden
: forbidden pathsNot Found
: not found paths
Call examples
Curl Command
: simple request with the api key passed by headerBasic Auth. Header
: authorization Header with the api key as base64 encoded formatCurl Command with Basic Auth. Header
: simple request with api key passed in the Authorization header as base64 format
Quotas
Throttling quota
: the authorized number of calls per secondDaily quota
: the authorized number of calls per dayMonthly quota
: the authorized number of calls per month
Warning
Daily and monthly quotas are based on the following rules :
- daily quota is computed between 00h00:00.000 and 23h59:59.999 of the current day
- monthly qutoas is computed between the first day of the month at 00h00:00.000 and the last day of the month at 23h59:59.999
Quotas consumption
Consumed daily calls
: the number of calls consumed todayRemaining daily calls
: the remaining number of calls for todayConsumed monthly calls
: the number of calls consumed this monthRemaining monthly calls
: the remaining number of calls for this month