fetch API Key in runtime

ramya · 05-27-2019 07:01 AM

Hi,

I have setup an API Proxy with Secured with API Key. I have already set up all the things required like App and API Product.

I am looking for a way to fetch the API Key for an App during runtime ( not using curl) may be as API Call passing email and password and App Names.

Any Suggestions??

Thanks in Advance.

sidd-harth

Why do you want to fetch the apikey using an API Call? The key is available in the developer app.

Additionally you can use Apigee Management APIs to fetch the APIKEY.

https://apidocs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/developers/%7Bdeveloper_...

ramya

Hi,

Thanks for the reference link . I am trying something here:
I have an API Proxy with API Key Security.

API Key is available in the Developer Apps

But when I deploy or want to use this API Proxy from external Apps, I do not know the API Key. Or End-users cannot remember the API Keys. Instead, they can always remember the user credentials, which in-turn can provide assgined API Key which then can be used to access the actual API Proxy.

sidd-harth

Ok, first of all, API Proxies are not consumed by end-users directly.

You as an API Developer should expose the API in a developer portal. APPLICATION developer explores and creates apps in the portal to test the APIs. Here the App developers get the API keys. The APP developer can hardcode the API key in the App code or use some logic to get the keys using Management APIs.

BTW API Key is not recommended for security purpose. Use OAuth/JWT for security. API Key is used to identify the developer application.