Skip to main content

API key management

Overview

This guide provides step-by-step instructions for API key management, covering both targeted and comprehensive actions.

Targeted actions include:

Comprehensive actions include clearing multiple API keys and listing all available API keys.

Benefits

Managing API keys with DigiCert®​​ DNS enhances security by preventing unauthorized access and reducing the risk of credential leakage through key rotation and expiration. Granular access controls ensure compliance with internal policies and external standards, supporting auditability, traceability, and visibility. By simplifying the entire key lifecycle, the platform improves operational efficiency and enables seamless integration with external systems.

Procedures

Clear multiple API keys

注意

This procedure clears all API keys generated by the user. Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: POST /accessmanagement/api-key/bulk/delete

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. In the API KEYS tab, select the checkboxes next to the API keys you want to delete.

  4. Go to Actions > Delete API Key.

  5. In the Confirm Deletion dialog, select Confirm.

    A message appears confirming the successful clearance of the API keys.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

  3. From the overflow menu (three vertical dots) at the end of the API key's row, select Delete Key.

  4. In the Confirm Deletion dialog, select Confirm.

    A message appears confirming the successful clearance of the API key.

  5. Repeat Steps 3-4 as needed.

Delete a specific API key

注意

This procedure deletes a specific API key (apikey1) created in an earlier procedure. Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: DELETE /accessmanagement/api-key/{apiKeyId}

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. In the API KEYS tab, select the checkbox of the API key you want to delete (for example, apikey1).

  4. Go to Actions > Delete API Key.

    Alternatively, select the overflow menu (three vertical dots) at the end of the API key's row, and select Delete Key.

  5. In the Confirm Deletion dialog, select Confirm.

    A message appears confirming the successful deletion of the API key.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

  3. Locate the API key you want to delete (for example, apikey1).

  4. From the overflow menu (three vertical dots) at the end of the API key's row, select Delete Key.

  5. In the Confirm Deletion dialog, select Confirm.

    A message appears confirming the successful deletion of the API key.

Generate an API key

注意

This procedure generates two API keys: apikey1 and apikey2. These API keys are referenced in other procedures. Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: POST /accessmanagement/api-key

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. Select the USERS tab.

  4. Select the user whose keys you want to manage.

  5. Select the Generate API Key button.

  6. In the Generate API Key dialog:

    1. Enter a name for the key in the Name field (for example, apikey1).

    2. Select an expiration option.

      The default expiration date is set to one year from the current date.

    3. (Optional) Add a note.

      This can be viewed later by clicking the note icon next to the key.

    4. Select Save to generate the API key.

  7. In the API Key Generated - Action Required dialog:

    1. Select Copy to copy the generated key.

    2. Select Done to complete the process.

      A message appears confirming the successful generation of the API key.

  8. Repeat Steps 4-7 to create another API key, apikey2.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

  3. Select the Generate API Key button.

    A maximum of two API keys can exist at any given time.

  4. In the Generate API Key dialog:

    1. Enter a name for the key in the Name field (for example, apikey1).

    2. Select an expiration option.

      The default expiration date is set to one year from the current date.

    3. (Optional) Add a note.

      This can be viewed later by clicking the note icon next to the key.

    4. Select Save to generate the API key.

  5. In the API Key Generated - Action Required dialog:

    1. Select Copy to copy the generated key.

    2. Select Done to complete the process.

      A message appears confirming the successful generation of the API key.

  6. Repeat Steps 3-5 to create another API key, apikey2.

List all available API keys

注意

This procedure displays all API keys generated by the user. Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: GET /accessmanagement/api-key

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. Select the API KEYS tab.

    The table displays the API keys associated with all accounts.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

Return the details of a specific API key

注意

This procedure displays the details of a specific API key (apikey1) created in an earlier procedure. Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: GET /accessmanagement/api-key/{apiKeyId}

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. Select the API KEYS tab.

    The table displays the API keys associated with all accounts.

  4. Locate the API key you want to view (for example, apikey1).

    If needed, use Filters to quickly find a specific API key.

  5. Select Columns at the top of the results table, then select all the checkboxes to ensure that all API key information is displayed.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

  3. Locate the API key you want to view (for example, apikey1).

Rotate a specific API key

注意

This procedure rotates a specific API key (apikey1) intended for use in testing API endpoints. This key's value will be required to generate an authentication token and must not be shared. DigiCert​​®​​ recommends storing it securely.

Follow Path 1 if you are an administrator, or Path 2 if you are a standard user.

To test this function, call this API endpoint: POST /accessmanagement/api-key/{apiKeyId}/rotate

Path 1

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, go to the left sidebar and select Settings > Access Management.

  3. Select the API KEYS tab.

    The table displays the API keys associated with all accounts.

  4. Locate the API key you want to rotate (for example, apikey1).

    If needed, use Filters to quickly find a specific API key.

  5. Select the overflow menu (three vertical dots) at the end of the API key's row, and select Rotate Key.

  6. In the Rotate API Key dialog:

    1. (Optional) Modify the expiration option.

    2. (Optional) Modify the note.

    3. Select Save to rotate the API key.

  7. In the API Key Rotated - Action Required dialog:

    1. Select Copy to copy the rotated key.

    2. Select Done to complete the process.

      A message appears confirming the successful rotation of the API key.

Path 2

  1. Sign in to your DigiCert®​​ DNS account.

  2. From the landing page, click the user icon in the top right corner and select My API Keys.

  3. Locate the API key you want to rotate (for example, apikey1).

  4. From the overflow menu (three vertical dots) at the end of the API key's row, select Rotate Key.

  5. In the Rotate API Key dialog:

    1. (Optional) Modify the expiration option.

    2. (Optional) Modify the note.

    3. Select Save to rotate the API key.

  6. In the API Key Rotated - Action Required dialog:

    1. Select Copy to copy the rotated key.

    2. Select Done to complete the process.

      A message appears confirming the successful rotation of the API key.

Update a specific API key

注意

The current version of DigiCert®​​ DNS does not include a dedicated front-end tab for updating a specific API key. To complete this procedure, use the following endpoint:

PUT /accessmanagement/api-key/{apiKeyId}

For help configuring your testing environment, refer to the API guide.

本节内容如下: