An API key is typically used in conjunction with one of Hornbill's import utilities to avoid the need to specify passwords in configuration files that will be located outside of Hornbill. Each of the Hornbill import utilities must perform their actions in the context of a user account and in order to do this an API key must be created.
It is good practice to create and use API keys in conjunction with bespoke development work and integration with other systems that involves information being passed into your Hornbill instance from these other systems. An API key will also be used by Hornbill Customer Success team when assisting with support requests if investigation requires access to a Hornbill instance.
Creating and Managing API Keys
Since any API key is tied to a Hornbill user, to create one, navigate to the user profile in admin tool: Home - System - Organisational Data - Users. Once the user profile is displayed then navigate to the API Keys tab.
Click on the + button to start creating a new API key.
- This is a simple description of the API key that is being created
- This defines the current state of the API key. The options are Active, Revoked or Suspended. Any API key that is not in Active state cannot be used.
- This defines the date and time until the API key is active. Once the expiry date is reached the API key can no longer be used.
- This is a list of Hornbill APIs (https://api.hornbill.com/) that can be used by the API key. You can restrict the use of an API key here by specifying only certain APIs that can be used by the API key. An example is an API key used for data import which can be restricted to have access only to the APIs used by the import. Each rule needs to be in the following format: <service>:<api_name>. Replace <service> and <api_name> with relevant values. These can be found in our API documentation.
Click on the "Create" button to finish creating the new API key.