Managing API Keys

Learn how to manage the API keys used to communicate to and from client web applications

Client Web Applications should be hosted with configurations to enable changing API keys with zero downtime. This can be done by building a Client Web Application so that a list of keys accepted can be configured instead of just accepting one key.

👍

Using the Client Extension?

The Client Extension allows clients to configure a list of keys accepted in the Deployment Options modal. Learn more by reading Deploying A Build Version

👍

Using the C# Client Library?

The C# Client Library allows client web applications to configure a list of accepted keys by setting environment variables on the environment hosting the code. Learn more by reading Securing External Applications


Changing the Directscale API Key


Follow these steps to change a Directscale key.

  1. Generate a new Directscale Secret
  2. Update the Client Web Application to use the new Directscale Secret when calling the Extension API

👍

Using the C# Client Library or Client Extension?

If you are using the C# Client Library then change the DirectScaleToken environment variable on the server(s) hosting the Client Web Application.
If you are using the Client Extension hosting solution then Redeploy The Current Version and change the DirectScaleToken environment variable in the Deployment Options Modal.

  1. Remove the prior Directscale Secret by clicking the 🗑️ icon to the right of the key to be removed on the Directscale Secrets card.
594

Figure 1: An image showing the Directscale Secrets Card with an arrow pointing to the Icon used to delete a secret


Changing the Client Extension API Key


Follow these steps to change the Client Extension key.

  1. Update the Client Web Application configuration to accept another secure API key.

👍

Using the C# Client Library or Client Extension?

If you are using the C# Client Library then add an environment variable that starts with "ExtensionToken" and has a secure value to the server(s) hosting the Client Web Application.
If you are using the Client Extension hosting solution then Redeploy The Current Version and add another environment variable key that starts with "ExtensionToken" and has a secure value.

  1. Change the Client Extension Secret to the value of the new API key that is accepted by the Client Web Application.
  2. Update the Client Web Application configuration to not accept the prior API key.

👍

Using the C# Client Library or Client Extension?

If you are using the C# Client Library then remove the environment variable that had the prior API key on the server(s) hosting the Client Web Application.
If you are using the Client Extension hosting solution then Redeploy The Current Version and remove the environment variable that had the prior API key by clicking the 🗑️ icon to the right on the Deployment Options modal as shown in Figure 2 below.

592

Figure 2: An image showing the Deployment Options Modal with an arrow pointing to the Icon used to delete an environment variable