Team API Keys

Overview

Team API keys are designed for service accounts that manage Open Authorization API (OAA) integrations assigned to a team. Similar to personal API keys, these keys authenticate API requests, and can be revoked or reinstated to control programmatic access to Veza. Each key is associated with a single team and has the oaa_push role, restricted to specific read and write operations for creating and updating OAA data sources.

Team API keys are limited to the following operations:

Administrators can create and manage team API keys using the endpoints documented below. Note that Team API Keys are currently provided as an early access feature, and /preview/ API operations are subject to change as capabilities are added or modified.

List Team API Keys

Method: GET Endpoint: /api/preview/teamkeys

Returns API key details such as last activity time and status. If the query includes a team_id filter expression, only keys for that team are listed.

Example Request:

curl -X GET "https://<base-url>/api/preview/teamkeys?filter=team_id+eq+%2260437fa0-15ab-4c1f-a211-010543ac8a89%22" \
 -H "accept: application/json"

Example Response:

{
  "values": [
    {
      "id": "54807783-c5ec-4efd-9d1b-853bada658dd",
      "access_key": "",
      "name": "AWS Team Key",
      "created_at": "2024-06-25T08:30:17.087351612Z",
      "last_access_at": "2024-06-25T08:30:17.087351612Z",
      "status": "ACTIVE",
      "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89"
    }
  ],
  "next_page_token": ""
}

Create Team API Key

Method: POST Endpoint: /api/preview/teamkeys

Create an API key by providing a key name and team team_id. The response includes the access_key, which cannot be retrieved again.

Example Request:

curl -X POST "https://<base-url>/api/preview/teamkeys" \
 -H "accept: application/json" \
 -H "content-type: application/json" \
 -d '{"name":"New Team API Key","team_id":"60437fa0-15ab-4c1f-a211-010543ac8a89"}'

Example Response:

{
  "value": {
    "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d",
    "access_key": "<access key>",
    "name": "New Team API Key",
    "created_at": "2024-08-26T21:29:59.409761363Z",
    "last_access_at": "2024-08-26T21:29:59.409761363Z",
    "status": "ACTIVE",
    "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89"
  }
}

Remove Team API Key

Method: DELETE Endpoint: /api/preview/teamkeys/{id}

Permanently delete a team API key.

Example Request:

curl -X DELETE "https://<base-url>/api/preview/teamkeys/7ddd5e0c-29cd-41c5-b41f-884b2d24b05d" \
 -H "accept: application/json"

Example Response:

{
  "value": {
    "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d",
    "access_key": "",
    "name": "Updated API Key",
    "created_at": "2024-08-26T21:29:59.409761363Z",
    "last_access_at": "2024-08-26T21:29:59.409761363Z",
    "status": "INACTIVE",
    "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89"
  }
}

Revoke Team API Key

Method: POST Endpoint: /api/preview/teamkeys/{id}:revoke

Suspend usage of a team API key, changing the status to INACTIVE.

Example Request:

curl -X POST "https://<base-url>/api/preview/teamkeys/7ddd5e0c-29cd-41c5-b41f-884b2d24b05d:revoke" \
 -H "accept: application/json"

Example Response:

{}

Reinstate Team API Key

Method: POST Endpoint: /api/preview/teamkeys/{id}:reinstate

Reinstates a previously revoked team API key, changing the status to ACTIVE.

Example Request:

curl -X POST "https://<base-url>/api/preview/teamkeys/7ddd5e0c-29cd-41c5-b41f-884b2d24b05d:reinstate" \
 -H "accept: application/json"

Example Response:

{}

Update Team API Key

Method: PATCH Endpoint: /api/preview/teamkeys/{value.id}

Use this operation to update the display name of a team API key.

Example Request:

curl -X PATCH "https://<base-url>/api/preview/teamkeys/7ddd5e0c-29cd-41c5-b41f-884b2d24b05d" \
 -H "accept: application/json"\
 -H "content-type: application/json" \
 -d '{"name":"Updated API Key"}'

Example Response:

{
  "value": {
    "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d",
    "access_key": "",
    "name": "Updated API Key",
    "created_at": "2024-08-26T21:29:59.409761363Z",
    "last_access_at": "2024-08-26T21:29:59.409761363Z",
    "status": "ACTIVE",
    "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89"
  }
}

PreviousTeam and User Management APIs NextSCIM Provisioning

Last updated 8 months ago

Was this helpful?

{ "values": [ { "id": "54807783-c5ec-4efd-9d1b-853bada658dd", "access_key": "", "name": "AWS Team Key", "created_at": "2024-06-25T08:30:17.087351612Z", "last_access_at": "2024-06-25T08:30:17.087351612Z", "status": "ACTIVE", "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89" } ], "next_page_token": "" }

curl -X POST "https://<base-url>/api/preview/teamkeys" \ -H "accept: application/json" \ -H "content-type: application/json" \ -d '{"name":"New Team API Key","team_id":"60437fa0-15ab-4c1f-a211-010543ac8a89"}'

{ "value": { "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d", "access_key": "<access key>", "name": "New Team API Key", "created_at": "2024-08-26T21:29:59.409761363Z", "last_access_at": "2024-08-26T21:29:59.409761363Z", "status": "ACTIVE", "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89" } }

{ "value": { "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d", "access_key": "", "name": "Updated API Key", "created_at": "2024-08-26T21:29:59.409761363Z", "last_access_at": "2024-08-26T21:29:59.409761363Z", "status": "INACTIVE", "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89" } }

{ "value": { "id": "7ddd5e0c-29cd-41c5-b41f-884b2d24b05d", "access_key": "", "name": "Updated API Key", "created_at": "2024-08-26T21:29:59.409761363Z", "last_access_at": "2024-08-26T21:29:59.409761363Z", "status": "ACTIVE", "team_id": "60437fa0-15ab-4c1f-a211-010543ac8a89" } }

Team API Keys

Overview

List Team API Keys

Create Team API Key

Remove Team API Key

Revoke Team API Key

Reinstate Team API Key

Update Team API Key

Overview

List Team API Keys

Create Team API Key

Remove Team API Key

Revoke Team API Key

Reinstate Team API Key

Update Team API Key

List API keys for teams

Remove team API Key

Revoke team API Key

Reinstate a revoked team API Key

Create a new team API key for a service account

Update team API key metadata