API Keys

APIs are accessible under the https://*.recras.nl/api2/apikeys namespace.

Currently the editUsers permission is required to access the API keys endpoint.

For security reasons, management actions are limited to requests authenticated with the Authorization: Basic method.

Retrieve a list

GET /api2/apikeys

Retrieve a list of API Keys

Request:

Status Codes:

• 200 OK – OK

• 403 Forbidden – Authenticated user lacks the editUsers permission.

• 406 Not Acceptable – Error in one of the query parameters.

Query Parameters:

• user_id (integer) – The ID value of a user account.

Response:

JSON Parameters:

• _embedded.apikeys (array) – The list of API keys matching the selection parameters. Each element follows the description of GET /api2/apikeys/(int:id).

• count (integer) – The total number of API keys in the selection

• _links (object) – Links that can be followed from this resource, according to the proposed HAL standard

Link relations

The following link relations may be found on the list of API keys. Note that a single relation may contain a list of links:

self, method: get:

A canonical link to this collection

self, method: post:

The location to create new collection items

next, prev, first, last:

The resource may be paginated, this link follows the semantics as described in the IANA link relations catalogue.

Retrieve a single resource

GET /api2/apikeys/(int: id)

Retrieve a single API key. Note: please use HAL-links to derive the URI’s for API keys instead of the id values.

Request:

Status Codes:

• 200 OK – OK

• 403 Forbidden – Authenticated user lacks the editUsers permission.

• 406 Not Acceptable – Error in one of the query parameters.

Response:

JSON Parameters:

• id (integer) – An ID value, unique for each API key

• user_id (integer) – An ID value for the associated user account, corresponds to a staff or supplier resource.

• description (string) – A description for the API key

• _links (object) – HAL-links relevant to this resource

Link relations

The following link relations may be found on the list of API keys. Note that a single relation may contain a list of links:

self, method: get:

A canonical link to this resource

self, method: put:

The location to update the resource. This resource follows PUT-back semantics.

self, method: delete:

The location to delete the resource

Create

POST /api2/apikeys

Create a new API key. Note: please use the method: post link from the list resource.

Request:

Status Codes:

• 201 Created – Resource created

• 406 Not Acceptable – Error in the post body

Request Headers:

• Content-Type – The content type for the request body. The only acceptable value is application/json

JSON Parameters:

• user_id (integer) – Required. The ID value of a user account.

• description (string) – Required. A description for the API key.

Response:

The response is very much like the response for GET /api2/apikeys/(int:id), with these extra values:

JSON Parameters:

• token (string) – The value to use in the Authorization: Bearer request header. This should be treated as a secret and an opaque identifier. Please make no assumptions about its length or format. For more information and an example, see the chapter on authentication.