CentraSite Documentation : Working with the CentraSite Business UI : API Management Solutions : Predefined Policies for API Management : The Access Key Management Policies : API Key Revocation Policy
API Key Revocation Policy
 
Revoke API Key Action
Create Auditable Events Action
Send Email Notification Action
After an API key is generated, users sometimes want to revoke the key in case of malfunction. API Provider can revoke API keys to disable access to an API subscribed by a consumer.
When a provider requests for revocation of an API key, CentraSite internally creates and triggers an API Key Revoke policy for the API. A request for the key revocation is subsequently submitted to all members of the approval list specified in the Initiate Approval action. The approvers can either approve or decline the request. If the approvers approve the request, CentraSite revokes the API key, and notifies the consumer that the API is now unavailable for consumption.
Note:  
To use the email options provided by this policy, CentraSite must have a connection to an SMTP email server. For instructions on how to configure CentraSite's connection to an email server, see the CentraSite Administrator’s Guide .
The following actions are typically used with the API Key Revocation policy.
*The Revoke API Key action is used to revoke an API key for the API.
*The Create Auditable Events action is used to capture the audit logs in revoking the API key.
*The Send Email Notification action is used to send an email message to the API consumer about revocation of the API key.
Object Scope
API Key
Event Scope
On-Trigger
Copyright © Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback