In this article
DNSFilter users have self-service access the API keys—also called JSON Web Tokens (JWT) or API tokens—through the DNSFilter dashboard.
These API keys create a tight integration between DNSFilter and your product or apps you're using, sharing data via the JWT.
What to know about API Keys
Our team built in a few guardrails to understand before utilizing these keys.
API keys are associated with the user, not an Organization | A user's API keys will only show up in their account, even if they are a member of multiple Organizations. |
Limit 5 API keys per user |
Only keys in active status count toward this total. Users will receive an error message from the dashboard when they try to create more than 5 tokens. Users can revoke or delete unused keys to add new keys. |
Only a user can revoke/delete their keys | Organization owners and admins cannot revoke or delete a user's key. |
The API key takes on the same permissions as the user | The key is associated to the user and provides the same level of access granted to that user in the system. This is true for MSP Organization users and sub-org users as well. |
We recommend account owners do not create API keys | DNSFilter encourages principle of least privilege practices when using API keys: if an API key becomes compromised this minimum layer of protection can prevent serious damage to the account. |
There is not an expiration warning or reminder |
The API key dashboard displays the expiration date. We recommend using automation practices to prevent any lapse in API integration. If a key is expired, the integration will return an error code stating the user is not authorized until the API key is updated. |
Generate a DNSFilter API Key
Follow these steps to generate an API key.
- Login to the DNSFilter dashboard and navigate to your account icon
- Select Account
- Scroll to API Keys
- Select + Create New API Key
- Enter a key Name. This name is not editable after the key is created
- Select an Expiration from the drop down menu
- Select Create
- Copy the API key. This is the only time the key is available, and the Dismiss option will not function until the key is copied
- Select Dismiss to return to the API key dashboard
The API key is now visible in the dashboard. Navigate to the product/app to integrate DNSFilter through standard processes.
Navigate the API Key dashboard
A key dashboard populates in the account once at least one key is created. These fields are available in the dashboard:
Status. The API key status is either active, revoked, or expired. Deleted keys are removed from the dashboard.
API Key. This column displays the key name and redacted token ID .
Key Dates. The expiration date/time and creation date/time.
Actions. Select the more icon to revoke or delete a key.
Revoke or Delete a DNSFilter API Key
Revoke or delete a token when it's no longer needed. To ensure uninterrupted integration, replace API keys before completing these steps.
- Navigate to the API key dashboard in your account
- From the Actions menu, select Revoke or Delete for the unneeded key
- Confirm the action in the prompt
The token will no longer be available for use once confirmed. A revoked key's Status will update to revoked, and deleted keys disappear from the dashboard. Any current applications using the key will return an error message and require a new token to integrate with DNSFilter.
Comments
0 comments
Please sign in to leave a comment.