Obtaining an API Key¶
The API key, which generates during account registration, provides data access via the REST API.
Below are two ways to obtain an API key. Choose the one you are most comfortable with:
- Active API key - the (new key) that will continue to be active after the old key is deactivated.
- Pending API key - the previously active (old key) that is being replaced by the now active key. Note that the pending key will remain active for its validity period until it expires or the user takes the action to delete it.
To obtain an API key (using the TLS Protect Cloud console)¶
Log in to TLS Protect Cloud.
In the menu bar, click your avatar in the top-right corner, and then click Preferences.
On the API Keys tab, click to copy your API key.
To obtain an API key (using VCert)¶
Download Venafi VCert from the GitHub repository at https://github.com/Venafi/vcert/releases. Under the "Assets" section are the binaries for each one of the supported OS versions. Select the appropriate OS.
Unzip the file and double-click to run the VCert executable file.
Open your terminal and run the vcert command along with desired options. Below are the parameters you can select; the only required field is "email."
./vcert getcred --email <email address> [--password <password>] [--format (text|json)]
Parameters Required Description required The email you will receive your activation link for your API key. password optional When supplied, the specified password will allow the user to log into the VaaS web console. format optional JSON file.
If the option of --format json is used, the output will include apiKey data from the API response, including userId, username, companyId, apiKeyStatus, creationDate, and validityStartDate.
./vcert getcred --email email@example.com
This returns and inactive API key. Follow the next step to activate it.
You will be sent an activation email. Complete the registration and activate your API key.
Using the API key in REST calls¶
For every REST API call you make to TLS Protect Cloud, pass the
Content-type and the
tppl-api-key key value.
API Key Reset¶
If an administrator checks the API Key Reset option for a user, that user will be able to call the
POST https://api.venafi.cloud/v1/useraccounts API or use the
vcert getcred --email firstname.lastname@example.org command to re-register for a new API key.