Skip to content

Managing API keys

API Keys can be used in the Management API, Exposure API and Analytics API.

To enable the usage of API-keys in the Exposure API contact Red Bee Media.

API keys are managed in the customer portal -> SETTINGS -> SERVICE SETTINGS

Customer or Business Unit API keys

Customer API keys can be used in end points on customer level and on business unit level.

Assume you have a customer Acme with two business units AcmeEast and AcmeWest, then a customer API key may grant access to APIs such as

  • https://management.api.redbee.live/customer/Acme/feature1
  • https://management.api.redbee.live/customer/Acme/businessunit/AcmeEast/feature1
  • https://management.api.redbee.live/customer/Acme/businessunit/AcmeWest/feature1

On the other hand a Business Unit key for Acme/AcmeEast may only grant access to APIs such as

  • https://management.api.redbee.live/customer/Acme/businessunit/AcmeEast/feature1

API Key properties

  • NAME A name for the key, not used for by the platform
  • DESCRIPTION A description of the key e.g. which system is using it and for what purpose, not used by the system
  • User groups used to determine what type of operations the API key may be used for
  • Should expire If and when an API key expires, after which it is no longer valid
  • Key Idan Id generated when the key is created
  • Key secret a secret generated when the key is created

The Key secretis only shown when the key is created and will not be possible to retrieve later, make sure to securely store the API key's id and secret in a secure vault.

User groups

An API key may be part of the following groups:

User Group Description
Owner and Administrator Can manage all aspects of the service
Service Administrator Can manage all aspects of the service, except managing API keys and change customer account details
Editor Can manage content and apps
Ingest of assets, series, seasons and EPG:s Can ingest content
View only Can read most aspects of the service
Exposure API access Can be used in privileged Exposure API endpoints

Usage in the Management API and Analytics API

EMP Management API and Analytics API uses HTTP Basic Authentication.

The API key's keyId is used as user name and the key's secret as password.

Example: if the keyId is id_123456 and the secret is secret_1234456 the following header is to be used in requests:

Authorization: Basic aWRfMTIzNDU2OnNlY3JldF8xMjM0NDU2

Where

aWRfMTIzNDU2OnNlY3JldF8xMjM0NDU2 is

id_123456:secret_1234456 Base64 encoded.

Usage in the Exposure API

Some requests in the Exposure API accepts a header EMP-Auth, which uses the same encoding as the Authorization header value in the Management API, such as

EMP-Auth: Basic aWRfMTIzNDU2OnNlY3JldF8xMjM0NDU2.

To enable the usage of API-keys in the Exposure API contact Red Bee Media.