Skip to main content

API Keys

The API Keys interface provides a way to create and manage API keys for programmatic access to Workshop. These keys allow automated systems and scripts to interact with the Workshop API without requiring user authentication.

Workshop API keys follow a specific format to ensure security and traceability:

  • Prefix: npsws_sk_ - Identifies the key as a Workshop secret key
  • Body: A hexadecimal string that serves as the unique identifier and authentication token

Overview

The API Key dashboard displays information about each key:

  • Name: The unique name identifier for the API key
  • Role: The permission level assigned to the key (e.g., superadmin, readonly)
  • Creator: The user who created the API key
  • Expires: The expiration date and time of the key

API Key Roles

Workshop supports different roles for API keys:

  • superadmin: Full access to all API endpoints
  • readonly: Read-only access to API endpoints

Each role determines which API endpoints the key can access based on the permission requirements defined in the API.

Creating API Keys

To create a new API key, click the "Create" button and fill in the required information:

  • Key Name: A descriptive name for the API key (5-50 characters)
  • Role: The permission level for the key
  • Expiry: How long the key will remain valid (1 week, 1 month, 3 months, or 1 year)

Managing API Keys

The API Keys dashboard allows you to:

  • View existing keys: See all API keys, their roles, creators, and expiration dates
  • Delete keys: Remove API keys that are no longer needed or may have been compromised