This page describes how to manage REST API Keys.

The Analytics Events REST API provides three independent endpoints for these responsibilities:

  • Schema Management
  • Publish Events
  • Query Events

API Keys provide a secure authentication mechanism for a caller to prove identity when using these public REST APIs.

Because call sites can vary across your infrastructure, departments, and geographic regions, these credentials could be widely distributed and hard to control. Publishing or querying events from different call sites, therefore, require fine-grained control over the keys and the operations allowed for a particular key. You may also need to revoke these keys on demand if they are found to be compromised.

For these reasons, managing access for the Analytics Events API uses API keys.  Your organization can create multiple API keys, manage and distribute them based on your own internal policies.  For instance, each department or geographic region may be assigned its own API key for distribution and control management. If an API key is compromised, it can be deleted and a new key created without other undesirable side effects.

API keys are only valid for calling the public Analytics Events REST API and can't be used to access the AppDynamics Controller or data in any other way. See Analytics Events API.

Permissions

API keys are used only for Analytics Events REST APIs. When you create an API key, you can specify read and write permissions for each API key.

Users with the Manage API permission can do the following actions:

  • Add—Creates an API key
  • Disable—Deactivates the calls using that key temporarily, but does not remove the key
  • Enable—Re-enables a deactivated key
  • Delete—Removes the key permanently 

It may take up to 15 minutes for a key that has been deleted or deactivated to be detected and all operations using that key to be rejected. 

When you create an API key, you see permissions for the various event types (logs, transactions, browser, and mobile) in our platform. By using these permissions you can limit or grant access to specific event types for each specific API key.

Examples: 

Select Publish all Custom Events when you create their API key to generate an API key for your partners allowing them to only publish custom events. 

Under Log Permissions, select apache as the source type to generate an API key to allow various users to only query Apache log data. 

Once an API Key is created, you cannot change the permissions.
You can grant permissions for API Keys as follows:
Custom Analytics Events

    • Manage Schema— Enables creation of schemas using the Analytics Events Schema Management APIs.
    • Query Custom Events—Enables you to query all Analytics event types (with the appropriate permissions).
    • Publish Custom Events—Enables you to publish Analytics custom events using the Analytics Events Publish APIs.

Transactions—Query all transactions or specific applications.

Logs—Query all logs or specific source types.

Browser Requests—Query all browser requests or specific applications. 

Mobile RequestsQuery all mobile requests or specific applications.

Synthetic Requests Permissions—Query all synthetic requests data or specific applications.

Connected Devices Permissions—Query all connected device requests data or specific applications.

If you have deployed EUM such that you are using an on-premises Events Service for transaction and log analytics data, and the SaaS Events Service for your EUM data, you can not query the browser or mobile request data using the Analytics API.

Create API Keys

  1. Navigate to Analytics > Configuration > API Keys. You can view existing keys and access actions to manage the keys. 
  2. Click +Add to view the configuration panel.
  3. Add a Name and Description

    Do not click Create until you finish selecting all the necessary permissions for your use case, including any necessary analytics data permissions. You cannot change the permissions once create the key. You can only edit the description and whether the key is active or inactive.

  4. Expand each permission section to select the permissions for this key.

  5. Click Create

  6. Copy and save the key. 

  7. Select the checkbox indicating you have copied the key and click Done

    You cannot retrieve the key once you dismiss this dialog.