Syvizo

Verify API Key



When to use

Use this policy when you want to authenticate and authorise API requests based on API keys sent as part of the requests.



Details

The API Key identifies the user or application and the resource specific accesses available for the request. Usually API Keys are used for API products and Developer Apps. When external developers subscribe to the API products, they can create applications and an API Key is generated for each application. This API key is valid for the certain duration and provides access to the API paths that are part of any of the products which user has added to the application. 


When making a request to API the API Key will be sent with the request. API Flow Manager extracts this API key and checks for its validity and resource accesses to allow or disallow the API request.



Configuration

The configuration fields for the policy are:

[* Indicates a mandatory field]

Name *: Display name of the policy

Description: Description of policy

Enabled: Flag to indicate if the policy is enabled. If this field is not checked, the policy will be ignored at runtime and any fields from its output will contain a default initial value

Continue on Error: Flag to indicate that the flow should continue even if this policy throws an error



Input fields

apiKey: api key sent as part of request



Output fields

isValid: Returns a boolean true if the api key is valid and access is allowed to the request