Token API
The Token
API is a REST API that enables you to manage the API keys used to access the Delivery
API. These API keys are long-lived and are not session-based tokens. After creating a key, you can continue to use it (with additional calls to the API) until you revoke it.
Base URL
The base URL for Token
API requests is: https://edge.sitecorecloud.io/api/apikey/v1
Authentication
All endpoints use bearer authorization.
Headers
The following header is required:
Name |
Format |
Purpose |
---|---|---|
|
|
A JSON web token (JWT). Request a JWT for Experience Edge XM. |
Endpoints
The Token
API has the following endpoints:
-
Create
- generates an API key. -
ListAll
- lists all API keys in your tenant. -
GetApiKeyByHash
- retrieves a single API key by its hash value. -
GetApiKeyByToken
- retrieves a single API key identified by its token. -
RenameByHash
- renames an API key that was identified by its hash value. -
RenameByToken
- renames an API key that was identified by its token. -
RevokeByHash
- revokes an API key identified by its hash value. -
RevokeByToken
- revokes an API key identified by its token.
Create
When you generate a key, you must define audience and content scopes. The following scopes are required for Experience Edge for XM:
-
audience-delivery
- authorizes access to theDelivery
API. -
content-#everything#
- allows access to all content.
You can not create additional scopes or scope types.
The Create
endpoint generates an API key:
Relative route |
|
HTTP verb |
|
Body |
The structure of RequestResponse
|
Response |
The response is the token - a base 64 string. For example:
|
Example |
The following example requests the scope of RequestResponse
|
ListAll
The ListAll
endpoint lists all API keys in your tenant:
Relative route |
| ||||||||||||||||||
HTTP verb |
| ||||||||||||||||||
Query string parameters |
The following parameters are required:
Use the following example structure to query using parameters:
Note The | ||||||||||||||||||
Response |
The response is an array of RequestResponse
|
GetApiKeyByHash
The GetApiKeyByHash
endpoint retrieves a single API key by its hash value:
Relative route |
| ||||||
HTTP verb |
| ||||||
Route parameters |
The following parameter is required:
| ||||||
Response |
The response is the RequestResponse
|
GetApiKeyByToken
The GetApiKeyByToken
endpoint retrieves a single API key identified by its token:
Relative route |
| ||||||
HTTP verb |
| ||||||
Header |
The following header is required:
| ||||||
Response |
The response is the RequestResponse
|
RenameByHash
The RenameByHash
endpoint renames an API key identified by its hash value:
Relative route |
| ||||||
HTTP verb |
| ||||||
Route parameters |
The following parameter is required:
| ||||||
Body |
The body request must contain the following fields:
| ||||||
Response format |
The response is a Boolean value indicating whether the key was renamed successfully. |
RenameByToken
The RenameByToken
endpoint renames an API key identified by its token:
Relative route |
| ||||||
HTTP verb |
| ||||||
Header |
The following header is required:
| ||||||
Body |
The body request must contain the following fields:
| ||||||
Response |
The response is a Boolean value indicating whether the key was renamed successfully. |
RevokeByHash
The RevokeByHash
endpoint revokes an API key identified by its hash value:
Relative route |
| ||||||
HTTP verb |
| ||||||
Route parameters |
The following parameter is required:
| ||||||
Response |
The response is a Boolean value indicating whether the key was revoked successfully. |
RevokeByToken
The RevokeByToken
endpoint revokes an API key identified by its token.
Relative route |
| ||||||
HTTP verb |
| ||||||
Header |
The following header is required:
| ||||||
Response |
The response is a Boolean value indicating whether the key was revoked successfully. |