Genea authenticates your API requests using the Global API keys. If you do not include your key when making an API request or use one that is incorrect or outdated, Genea returns an error.
Your customized application can use API (Application Programming Interface) keys to authenticate access to Genea resources. They are the preferred alternative to using a username and password because you can revoke an API key at any time without having to change your username and password.
Creating a Global API Key
1. Only Global Admins can create and manage the global API key for your application. To create a new key,
a. From Global Overview (available only for Mercury portals)
Navigate to API Keys from the global overview.
b. From Location view (available for both VertX and Mercury portals)
Navigate to Integrations from your Genea admin dashboard.
Scroll down to the section "Roll your own". Click on API > Manage.
2. Click on +New
3. Enter the name of the key and optional description. Click "Save".
Keeping your API keys safe
Your secret API key can be used to make any API call on behalf of your Genea accounts. Treat your secret API key as you would any other password. Grant access only to those who need it. Your new secret keys are only visible the first time you create them. Please copy this API key and save it somewhere safe. For security reasons, do not put it directly in your code, or commit it somewhere public like GitHub.
Limiting access with restricted API keys
Your account’s secret API keys can be used to perform any API request without restriction. For greater security, you can create restricted API keys that limit access to, and permissions for, different resources in Genea of your account data.
A restricted key allows only the minimum level of access that the application needs while protecting account data it doesn’t need. For example, you can create a restricted key that grants read-only access to Hardware, then use it with a hardware monitoring application.
Managing the API keys
Regenerate the API Key
At any point in time, you can regenerate the API key, restrict its permissions or delete it. Note that when you regenerate the key, the new key needs to be replaced wherever you have been using it for integrations.
Edit the API Key
You can change the permissions given to a specific API key by clicking on Edit under actions.
Make the changes to the API key and click Save.
Delete the API Key
The API key can be deleted from Actions > Delete.
Once a key is deleted, your integration if any running with the key will not work anymore.