Path to function: Management > API keys

This page allows the creation and management of the keys you can use with the OpenAthens REST API, including the API connector for local authentication and Fetching statistics reports via the API.

Permissions

At the moment there are three permission levels an API key can be given to restrict what it can do:

Authentication API
  • CAN: use with the API connector
  • CANNOT: create or manage OpenAthens accounts
  • CANNOT: access reports API
Reports API

This only appears if the function is enabled for your organisation

  • CAN: use with the reports API
  • CANNOT: create or manage OpenAthens accounts or any other function
Full access

There may be other permission distinctions added in the future.

Create a new key

Click on the create button at the top of the page, enter a name that describes what you will be using it for, and select the permission level 

A key will be generated when you click save.

Edit a key

You can edit the name or permission level assigned to a key by hovering over the key and selecting the edit button that appears. You cannot change the key value or expiry date.

Deleting a key

Hover over the key you want to delete and select the remove button.

Expiry dates

An expiry date is automatically generated. When it is near, the system will automatically send an email to the administrators in the same organisation or sub-organisation as the key. The first email is 30 days before expiry and as the date approaches the system will email you more regularly. Just as with accounts, the key will not work on the expiry date. 

Anything to watch out for?

When a key expires or is disabled, any application using it will receive invalid credentials errors from the API. It will not be able to interact with OpenAthens until the key that system is using is updated with a valid one.


  • No labels