Server API Key Management¶

In this article

Obtaining an API key for a specific server

Editing or deleting an API key

Using an API key

API key usage information

Obtaining an API key without a web panel

Information

An API key is a convenient way to authorize API requests to Invapi and access a specific server's Control Panel independently from your control center and personal account.

To access the entire account or a specific server, generate an API access key in the personal area of the Invapi control panel. Follow these instructions to obtain it.

Obtaining an API key for a specific server¶

Go to Invapi;
Please select the server for which you would like to access the external server control panel: My Servers >> You require a server;
Generate an API key:
- Navigate to the Info tab and choose the API keys option.
- Click the ~~Add new API-key~~ button;
- In the Name field, enter the name of the key to identify it;
- Specify IP addresses only from which this key will be allowed access in the IP ACL field, or leave it blank for unrestricted access;
- Check the Active box to activate the key;
- Click ~~Add new API key~~ button.
The API key will be displayed to you.

Attention

Be sure to copy and save the API key value as it will only be displayed once. Invapi stores only the hash value of the key, so if the original key is lost, it will need to be recreated.

Editing or deleting an API key¶

To edit or delete an API key, navigate to either your account or a specific server where it was generated and click on the desired key. In the window that appears, go to the General Info tab where you can:

change the key's name in the Name field;
set IP addresses from which calls using the key will be prohibited in the IP ACL field;
change or set the method of notification for logging in with this API key. This applies only to keys issued for the entire account and involves the notification address (email/URL) field;
enable or temporarily disable this feature using the Active checkbox.

Next, click the ~~Save API key~~ button to save your changes.

To delete an API key, click the ~~Delete API key~~ button.

Attention

The API key cannot be restored once it has been deleted.

Using an API key¶

The API key can be used in the following ways:

To obtain a session token required for subsequent API requests to an account or server in Invapi, authorization is necessary. Authorization can be obtained via an API key for access to either the entire account or a specific server through the auth/login call, depending on the API key used. If authorization is successful and the key is found in the database, the system will return the session token $HOSTKEY_TOKEN.
To access the Server Control Panel, which allows server access without logging into your Invapi Control Center account, and to embed it as a standalone module in your billing system to manage HOSTKEY servers, you must generate server-specific API keys.

API key usage information¶

In the Usage history tab, select a specific key for an account or server and click on it to view all logins made with this API key during a certain period. The output will include the email and IP address used for the login, its success status, as well as the date and time of the event.

Obtaining an API key without a web panel¶

An API key can be obtained without using the web control panel by utilizing the API methods for working with API keys. These methods can be executed from the command line or embedded into web solutions