Management API Reference

Dashboard

API Keys

Use API keys to authenticate API requests.

Regenerate API keys#

Regenerating API keys

Regenerating an API key will invalidate the current key and generate a new one. This action cannot be undone. If you have set up webhooks or registered a Shield project with the key, you will need to update them with the new key.

Openfort supports the ability to regenerate, delete and create API keys. You can do this at any time in the API keys section of the dashboard.

  • Delete and regenerate API keys:
generate-delete-api-keys
  • Generate new API keys: You can create multiple API keys when you're planning to generate a new one to avoid disruption to your integration.
generate-api-keys

Limit API keys interaction by IP#

Openfort supports limiting the IPs that can interact with Openfort services using specific APIn keys.

To enable this, API keys section of the dashboard and press the three dots next to the secret key.

A new page will appear with an option Whitelist IPs like so:

generate-delete-api-keys

You can then add multiple IPs per single secret key.

If you try to make a request from an unauthorized IP, you will receive a Forbidden error like so:


_10
{
_10
"error": {
_10
"type": "invalid_request_error",
_10
"message": "Access is limited for this address"
_10
}
_10
}