What is an API Key?
An API key is an authentication credential that can be used to access the BrickFTP REST API. This API can be used for integrating BrickFTP with your own applications, as well as other applications via our Zapier integration. API keys are independent from one another, and are easily disposable. By generating unique API keys for each of your applications or servers, you can easily revoke them if needed without disrupting your other integrations.
BrickFTP supports two types of API keys: Site-wide keys and User keys. Site-wide keys provide full access to the entire API, while user keys will provide access based on the permissions of the associated user. For example, the key of an administrator will provide full access to the entire API, while the key of a non-administrator will only provide access to files that the user can access, and no access to site administration functions in the API.
Managing API Keys
You can manage your API Keys from the BrickFTP web interface by logging in as an administrator and navigating to Settings > API. (Note that you can also manage user API keys from the API itself.)
Generating API Keys
Site-wide keys are generated from Settings > API. User keys are generated from Users > [username].
- Click the API Keys setting on the left.
- Enter a Name for the API key. This is simply a label to help you keep track of your different keys.
- Optionally set a Valid through date to have the key automatically expire after the given date.
- Click the add key button and copy your provided key.
Note that an API key will only be displayed once, so be sure to copy it and store it in a secure location. If an API key is ever lost or otherwise compromised, you should immediately revoke it and generate a new one.
Revoking API Keys
API keys can be revoked at any time by clicking the Delete button in the Actions column. When a key is revoked, API calls using that key will fail, and any integrations using that key will no longer function.