Revoking and approving developer app keys

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation.
info

This topic explains how to use the UI and APIs to revoke or approve API keys for products in developer apps and for developer apps.

Using the UI to revoke the key for a specific API product in a developer app

You can revoke the key associated with a specific API product through the UI. The effect is that the API resources defined in that API product will no longer be accessible unless the key is re-approved.

Revoke the key, as described below.

Edge

To revoke the key using the Edge UI:

  1. Sign in to apigee.com/edge.
  2. Select Publish > Apps in the left navigation bar.
  3. Select the app that contains the key you wish to revoke.
  4. In the Developer app page, click .
  5. In the Credentials section, select Revoke in the Status drop-down menu.

Classic Edge (Private Cloud)

To revoke the key using the Classic Edge UI:

  1. Sign in to http://ms-ip:9000, where ms-ip is the IP address or DNS name of the Management Server node.
  2. Select Publish > Developer Apps in the top navigation bar.
  3. From the list of apps, select the one that contains the key you wish to revoke.
  4. In the Developer app page, click Edit.
  5. In the Products section, click Revoke to revoke the key for the product you wish to revoke.

Using the UI to approve the key for a specific API product in a developer app

You can approve a previously revoked consumer key for an API product in a developer app through the management UI. The client app will once again be able to access the APIs in that product.

To approve an API product key:

  1. Log in to your Apigee Edge account.
  2. From the main menu, select Publish > Developer apps.
  3. From the list of apps, select the one that contains the key you want to approve.
  4. In the Developer app page, click Edit.
  5. In the Products section, click Approve to reinstate the key.

Revoking and approving keys for API products with the Edge API

Edge provides APIs that let you manage API key status, depending on your use case. In the developer app JSON below, the location of each approve/revoke flag is indicated for each of these three cases:

  • (1) Revoking/approving keys for specific API products in a developer app. This API does exactly what the UI operations described previously in this topic do. See Approve or Revoke API Product for a Key for a Developer App.
  • (2) Revoking/approving specific key for a developer app. Revoking the key renders it unusable for the app to use it to access an API. Any access tokens associated with a revoked app key will remain active, but Apigee Edge checks the status of the app key first. If the status is set to "revoked," Apigee Edge will not allow the call go through. See Approve or Revoke Specific Key of Developer App.
  • (3) Revoke/approve the API key status of an entire developer app. A revoked app cannot access any API products and cannot invoke any API managed by Apigee Edge. See Approve or Revoke Developer App.
{
  "accessType": "",
  "appFamily": "default",
  "appId": "6ed3a4d1-4733-439a-80a4-0d71149ec9ad",
  "attributes": [
    {
      "name": "DisplayName",
      "value": "AnotherTestApp"
    },
    {
      "name": "Notes",
      "value": ""
    }
  ],
  "callbackUrl": "",
  "createdAt": 1415728893126,
  "createdBy": "wwitman@apigee.com",
  "credentials": [
    {
      "apiProducts": [
        {
          "apiproduct": "Weather-Product",
          "status": "revoked" // (1)
        }
      ],
      "attributes": [],
      "consumerKey": "giIC9Au6XP82wJ1oxZuQU4L75OdNKLhb",
      "consumerSecret": "SXg8JizqeTA8j3gX",
      "expiresAt": -1,
      "issuedAt": 1415728893154,
      "scopes": [],
      "status": "approved" // (2) 
    }
  ],
  "developerId": "Z2S37rxX2Suzkwtg",
  "lastModifiedAt": 1420682967414,
  "lastModifiedBy": "wwitman@apigee.com",
  "name": "AnotherTestApp",
  "scopes": [],
  "status": "approved" // (3)
}