Managing API keys

API keys provide a secure way to authenticate in requests made using the Helix ALM REST API. Instead of authenticating and storing a username and password, you use a key, which consists of a key ID and a key secret.

To use a key for authentication, you create a key for the user you want to use to authenticate with and then use the generated key ID and key secret in the Authentication header in the REST API. See Authorization in the REST API help.

API keys are shared globally across all Helix ALM projects. Any changes you make to them affect all projects.

You can also manage API keys in the Helix ALM desktop client. See the Helix ALM help.

To manage API keys, you must have one of the following license server security permissions: 'User can administer all license server functions' or 'User can only manage global users'.

1. Choose View > Manage API Keys.

The Manage API Keys dialog box opens.

You can also manage API keys for a specific user when you are editing or viewing their user record. See Editing users.

2. Select a key Owner to filter the list to only show keys for a specific user. The list includes all global users. You can also search for an owner or key.

If the Owner field is not available, you can only manage your own API keys. This field is not available if you do not have the required license server permissions or if you opened the Manage API Keys dialog box when editing or viewing a specific user.

3. Click Add to add a new key. See Adding API keys.

4. Select a key and click Edit to edit the key name and description. See Editing and deleting API keys.

5. Select a key and click Delete to delete it.

6. Click Close when you finish.