GIOT Portal

⌘K
  2. Home
  4. Docs
  6. GIOT Portal
  8. API

API

[vc_row][vc_column][vc_column_text css=\”\”]

API Key Setup

To access the API, you first need to create an authentication key within
the system.
Log in to your administrator tenant account and navigate to the Tenant
page from the Administration menu. Select the API tab and click on the
Create API key button. Enter a name, description, expiry date, and select a
tenant whose data the API key will access. Choose the necessary permissions
for the API key, then click Next. Important: Ensure to store the API Key
securely, it will not be displayed again! Administrators can cancel the
API key creation by clicking Cancel.

API Key Settings

After creating the API key, you can modify its name, description,
permissions and expiry date in API Key Settings tab accessed through the
Edit button. Ensure that the correct permissions are set; otherwise, the token
will fail authentication if incorrect or no permissions are assigned.
API Key permissions define which types of API calls the token can
perform:

  • Read Permission: Allows the API token to retrieve data from the
    system. This is associated with all GET requests.
  • Write Permission: Allows the API token to modify existing data
    within the system. This is associated with PUT requests.
  • Create Permission: Allows the token to create new resources
    within the system. This is associated with POST requests.
  • Delete Permission: Allows the token to remove resources from
    the system. This is associated with DELETE requests.

API Key expiry data determines the date after which the API Key will no
longer be valid. This ensures that keys are not active indefinitely, adding an
additional layer of security. If no expiry date is set, the key remains valid
until manually revoked.

API Key Group

In the API Key Group tab, you can assign a specific tenant or device
group to the API key. This defines which tenant or device group data the API
key is allowed to access.

  • If an API key is associated with a tenant, it can only access groups
    and devices within that tenant through API requests.
  • If an API key is associated with a device group, it can only access
    devices within that group through API request.
  • If no tenant or group is assigned to the API key the token will have
    access to all groups and devices within all available tenants.

This setup allows fine-grained control over what devices the API key can
interact with, ensuring that keys are restricted to specific tenants or/and
device groups when necessary.[/vc_column_text][/vc_column][/vc_row]

Articles

How can we help?