accessing personal API keys with python

MRvLuijpen
accessing personal API keys with python

Hi community, 

I was wondering if it is possible for the administrator to periodically remove all personal API keys.

In the documentation, I did find that it's possible to create personal API keys, but no function to reference or delete them.

The link @https://doc.dataiku.com/dss/latest/python-api/client.html?highlight=personal%20key#dataikuapi.DSSCli...

0 Kudos
5 Replies
Liev
Dataiker Alumni

Hi @MRvLuijpen 

It would be good to understand a little the requirements behind this since these are user credentials and users can either regenerate such keys at any time. 

This would help us in understanding the need for such functionality and highlight to the product team.

0 Kudos
MRvLuijpen
Author

My collegue @antonstam also asked this question yesterday. (https://community.dataiku.com/t5/Setup-Configuration/API-key-lifespan/m-p/7147).

Because of security reasons we don't want users to generate personal API keys which last forever. We would like to limit the existence of these kinds of keys for just a few days.

0 Kudos
ATsao
Dataiker

Hi MRvLuijpen,

Unfortunately, as you have pointed out, it's not possible to delete personal API keys programmatically right now via the python API (as only the "create_personal_api_key" method exists currently). If you wish to do this using python code, our recommendation remains the same from the other thread. You would need to write your own custom code or script to modify the config/personal-apikeys.json file directly. 

As an aside, the ability to add expiration to personal API keys is an existing enhancement request that's already been captured and undergoing review in our backlog. 

Best,

Andrew

0 Kudos
pvannies

Hi @ATsao @Liev , just interested in an update:
is the ability to add expiration to personal API keys or to delete them via the Python API as an administrator still on the backlog? Will it be available in one of the upcoming releases?

 

0 Kudos
Liev
Dataiker Alumni

Hi Pauline, 


I'm afraid this is not active in public API yet. I've reiterated to the product backlog again.

Thank you!

0 Kudos