CentraSite Documentation : Working with the CentraSite Business UI : API Management Solutions : Predefined Policies for API Management : The Access Key Management Policies : API Key Renewal Policy
API Key Renewal Policy
 
Initiate Approval Action
Renew API Key Action
Deploy API Key Action
Create Auditable Events Action
Send Email Notification Action
After an API key is generated, users sometimes want to renew the old key due to expiration or security concerns. API Consumers can re-generate/renew API keys to change the default expiration time of an API key, consumer of an API generates the API key which serves as an authentication token when the consumer requests for consumption of the API.
When a consumer requests for renewing an API key (as described in Renewing API Keys), CentraSite internally creates and triggers an API Key Renewal policy for the API. A request for the API key renewal is subsequently submitted to all members of the approval list specified in the Initiate Approval action. The approvers can either approve or decline the request. If the approvers approve the request, CentraSite re-generates the API key, deploys the generated key in the Mediator, and notifies the consumer that the API is now ready for consumption using the newly generated key.
Note:  
To use the email options provided by this policy, CentraSite must have a connection to an SMTP email server. For instructions on how to configure CentraSite's connection to an email server, see the CentraSite Administrator’s Guide .
The following actions are typically used with the API Key Renewal policy.
*The Initiate Approval action is generally used to obtain necessary approvals for a consumer prior to executing the Renew API Key action.
*The Renew API Key action is used to re-define the default expiration interval of an API key, and re-generate the API key for the API.
*The Deploy API Key is typically executed after the Renew API Key action to redeploy the newly generated key in the Mediator.
*The Create Auditable Events action is used to capture the audit logs in changing the validity of the API key.
*The Send Email Notification action is used to send an email message to the API consumer with details of the new validity of API key.
Object Scope
API Key
Event Scope
On-Trigger
Copyright © Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback