In a default install of Journyx, API Key authentication is disabled. An Administrator must first turn on the ability to use an API Key, and must then grant the ability to create API Keys to users. Administrators can choose to delegate the ability to generate and manage API keys to supervisors or administrators but still allow users to log in with them.
Role: API Key Generate
This role allows a user to generate keys for themselves or for their subordinates if they have a supervisor role.
Generate for Subordinates
- Go under Manage to User accounts to User API keys
- Here you can manage user API keys. This includes seeing when it was generated, when it was last used. You will not be able to see the API key. The API key is only visible to the user.
- To create a new key, click Create in the bottom right
- This will pop up a modal walking you through how to create an API key.
- The user you're creating the API key for. Supervisors can only see their subordinates. Administrators can see everyone.
- Give the API key a descriptive name. Maybe the service it will be used for?
- Enable "Read-only access" if you don't expect this API key to need to change data in Journyx.
- Set the expiration. This has a maximum of 180 days by default. This can be changed (to a lower value) in Configuration, System Settings, Security settings.
- Once entered, click OK.
Generate for themselves
- Once a user has been granted the correct API key roles, then they can create an API key by signing into Journyx, clicking their name in the top right corner, and going to My settings
- Scroll to the bottom and under the Security and Identity section, click on Create a new API Key
- Give the API Key a name (optional), set the expiration date, and click OK
- Copy the API Key generated as this will be used as your password for services that don't allow for SSO login
Role: API Key Sign In
Retrieving API key
- The user needs to sign into Journyx, and click their profile in the top right. Then click My settings.
- Scroll down to the bottom of the page to the "API Keys" section. This lists all API keys, even expired ones.
- Click on Details for the key name.
- API Key will be one of the fields in the popup modal.
Signing in with API key
Signing in with your API key cannot be done through the web interface. It can only be used through JXAPI. Refer to the documentation for JXAPI. Any place that you would provide a password you can provide this API key as the password.