At the moment there are three permission levels an API key can be given to restrict what it can do:
- CAN: use with the API connector
- CANNOT: create or manage OpenAthens accounts
- CANNOT: access reports API
This only appears if the function is enabled for your organisation
- CAN: use with the reports API
- CANNOT: create or manage OpenAthens accounts or any other function
- CAN: access all available API functions
- CAN: access the reports API if it is enabled for your organisation
There may be other permission distinctions added in the future.
Create a new key
Click on the create button at the top of the page, enter a name that describes what you will be using it for, and select the permission level
A key will be generated when you click save.
Edit a key
You can edit the name or permission level assigned to a key by hovering over the key and selecting the edit button that appears. You cannot change the key value or expiry date.
Deleting a key
Hover over the key you want to delete and select the remove button.
An expiry date is automatically generated. When it is near, the system will automatically send an email to the administrators in the same organisation or sub-organisation as the key. The first email is 30 days before expiry and as the date approaches the system will email you more regularly. Just as with accounts, the key will not work on the expiry date.
Anything to watch out for?
When a key expires or is disabled, any application using it will receive invalid credentials errors from the API. It will not be able to interact with OpenAthens until the key that system is using is updated with a valid one.