Sign in

Configuring Authorization for a Web Service

1 min read

Creating an API Key

An API Key enables the Aras Innovator server to authorize requests and execute the request as the User associated with the key. API Keys are most commonly assigned to a service User that is used for server-to-server requests or other scenarios where an end user cannot be prompted for credentials.

Note
Applications and integrations that execute requests as a specific end user should use the OAuth credential flow instead of API Keys. This is the same authorization approach supported by the platform’s default REST API.

API Keys contain the following properties:

  • Name: Name of the API Key
  • User: The User that will be used for all requests made with this key. If a user is not entered, a system user will be automatically generated.
  • Description: Description of the API Key
  • Created By: The User who created the API key
  • Created On: When the API key was created
  • Scope: Optional. Selecting “Override System Properties” will enable requests using this API Key to overwrite the data in system properties.
Warning
Only enable the “Override System Properties” scope when a use case requires an application or integration to overwrite the system property values in the Aras Innovator database. This feature may replace critical metadata such as created_by_id, modified_by_id, created_on, modified_on, state, etc. See the section “Overwriting System Properties” below for more detail on this capability.
Warning
After generating the API Key, copy and store it securely, as it will not be visible again.
Note
System Users generated for API Keys are not automatically added to any group identities or access control configurations. Be sure to check that generated system users have permission to perform the operations described in the Endpoint.

The following steps outline creating an API Key for a Web Service.

  1. Open the Web Service.
  2. Click Edit.
    Click the API Keys tab.
  3. Click the New API Key button.
    A new record will be added to the table, as shown below:
  4. Enter Name.
  5. (Optional) Enter the User that will be used for all requests made with this API Key.
    If a User is not selected, one will be generated. If using a generated user, be sure to grant that user permission for the requests that will be made with the API Key.
  6. Click Save.
    Saving the record will display the API key. Save the key, as it will not be visible after creation.

  7. Click Done.
    The newly added API key will be displayed.