Logo
My activities
Submit a Ticket >

Toll Free: 1.877.776.2995

Resolver Core API - Creating an API Key

mceclip13.pngAbout Core API keys:

An API Key is used to authenticate requests to the Resolver Core API, and provides an attractive alternative to authentication with user account credentials.

  • Once generated, an API Key never expires. 
  • API keys are session-less. An API key can be used to authenticate any API call at any time, with no need to establish or maintain a session.
  • An API key is tied to a user account in an org. All API calls made with the API key are performed under that user's permissions, and logged as if they were performed by that user in Core.
  • API Keys can only be created by org Admins or Super Admins (Resolver Support). Admins can only create API keys for the orgs in which they are an Admin.  
  • An API Key can be created with the ability to impersonate other org users.  API keys with this ability can only be created by Super Admins. 
  • While any API call can be made using an API Key, only the there are currently only three API endpoints that support this in the Swagger web interface:

    POST /data/file/file
    mceclip1.png

    POST /data/object/{objectID}/file/{fileID}
    mceclip2.png

    POST /creation/import/json
    mceclip0.png

Creating an API key

API Keys are generated through Swagger. To create an API Key:

Create a User Account and grant suitable Permissions

  1. Log into Core. Under Settings > People > Users, create a user account to use for your integration:
    mceclip10.png

    mceclip11.png|
  2. Configure the account:
    mceclip16.png
    1. Use a valid email address for the account:
      • For sandbox testing, please take advantage of our test email server. Make up any email address @coreqe.com. All @coreqe emails are accepted, and retained for 15 minutes.

        mceclip6.png

        mceclip8.png

        mceclip7.png

      • For your production org, please provision and use a valid, company email address. The Resolver test email server is publicly accessible, so using a coreqe.com email address is inherently insecure. Anyone could request a password reset and gain access to the account.
    2. For better security, do not enable the Admin setting unless administrative access is required for the APIs that you wish to call.

    3. Enable the All Access setting to allow the user account full permissions to view, edit and delete all Data in the org. Alternatively, assign the user to the user groups or roles required to provide only the access needed for your integration.

  3. Copy the user's internal ID from the URL bar:
    mceclip17.png
    This will be used to find the user's membership record.

Find the User Membership Record for the Integration User Account

  1. Under Settings > Tools > Swagger, search for and click the user service:
    mceclip14.png
    This will open a new browser tab with the Swagger interface.

  2. In the Swagger interface, scroll down to the user service:
    mceclip15.png

    1. Expand the Who Am I? endpoint.

    2. Click Try It Out to execute the API. This will return information about your account and the current org.

    3. Copy the org ID from the results. This will be used to find the user's membership record.

  3. Scroll up and find the org service:
    mceclip18.png

    1. Expand the org service to reveal the available endpoints.

    2. Expand the load a user org membership endpoint.

    3. Enter the org ID and user ID obtained in the previous steps, then click Try it out! to execute the API.
    4. Copy the user-org-membership ID. This will be used to generate the API Key.

Generate the API Key

  1. Scroll up and find the apiKey service:
    mceclip20.png

    1. Expand the apiKey service.

    2. Expand the create an api key endpoint.

    3. Click on the example. This will copy the json template to the body.

    4. In the body, enter the user-org-membership ID obtained in the previous step, and provide a descriptive name for the API Key.

    5. Click Try it out! to execute the API.

    6. Copy the API Key from the response and store it for safekeeping.
      For security purposes, the full API key can not be retrieved again. If you lose the API key, you will need to generate a new one.

      You may also wish to record the API Key's ID. This will make it easier to find and delete the key if necessary. It will also be possible to look up the API Key using the user-org-membership ID obtained previously.

Using an API key 

To authenticate an API call using the API Key, add an x-api-key parameter to the request header your API Key as the value:
x-api-key: YOUR_API_KEY

 

To impersonate a user with the API key, also add an impersonate-user-id parameter to the request header with the id of the user to be impersonated as the value:

impersonate-user-id: IMPERSONATED_USER_ID

Example

curl -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: application/json' --header 'x-api-key: YOUR_API_KEY' --header 'impersonate-user-id: IMPERSONATED_USER_ID' 'https://sandbox.resolver.com/data/file/file'

   

Reminder: user impersonation is only possible if:

  1. impersonation was set to true when the API Key was created. This can only be done by Super Admins (Resolver Support)
  2. the user to be impersonated is an active member of the same the org as the API Key user
Follow
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Powered by Zendesk