Request for an API endpoint that allows users to programmatically retrieve metadata

XMLWordPrintable

    • 1

      Summary:

      Request for an API endpoint that allows users to programmatically retrieve metadata—including expiration date—about the specific API key used to authenticate the request. This would enable automation and proactive management of API key lifecycles.

      Problem Statement

      Currently, the The API Access REST API allows the retrieval of metadata for all API keys in an organization. However, these endpoints do not return the actual API key value, making it impossible to correlate a key in hand with its metadata (such as expiration date) unless you have access to all keys or can match by other attributes.

      This limitation prevents users from:

      • Programmatically determining the expiration date of the API key they possess.
      • Setting up automated alerts or renewal workflows for their own API keys.
      • Ensuring continuity of integrations that rely on expiring API keys.

      Use Case

      As a user or system administrator, I want to:

      • Use an API key to authenticate a request and retrieve metadata (including expiration date) for that specific key.
      • Automate monitoring and alerting for key expiration to avoid service interruptions.
      • Optionally, query for keys with a specific scope to better manage permissions and lifecycle.

      Proposed Solution

      1. New Endpoint

      Introduce an endpoint such to:

      • Returns metadata (including expiration date, scopes, etc.) for the API key used to authenticate the request.
      • Response: A single object representing the authenticated API key, similar to the objects returned by The API Access REST API

      2. Optional: Filter by Scope

      Enhance existing endpoints to allow filtering API keys by scope, etc.

      Benefits

      • Automation: Enables scripts and systems to monitor their own API key expiration and alert or renew as needed.
      • Security: Reduces risk of expired keys causing outages or requiring emergency manual intervention.
      • Usability: Simplifies key management for users who lack admin access to all keys within the organization.

      Additional Notes

      • The endpoint should not return the API key value itself, only metadata.
      • This feature is especially useful for organizations with multiple users and automated systems relying on expiring API keys.

            Assignee:
            Unassigned
            Reporter:
            Mario Avello
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: