Definition

Manage API Key userview menu handles API call authentication for APIs created with the API Builder.

This userview menu is already bundled in the API Builder plugin.

Configure API Access

NameDescription

API Key

An automatically generated unique identifier used to authenticate to an API document.
Authentication MethodMethods available:
  • API Key
  • API Key & Token
  • Basic access authentication

Required keys in the request header:

MethodRequired Key(s)
API Key
  • api_id (API Document ID obtained from API Properties)
  • api_key (The automatically generated API Key)

API Key & Token

  • api_id
  • api_key
  • token (Value derived from configured token pattern)

Basic access authentication

  • api_id
  • api_key
  • Authorization (Base64 encoded value of username:password)

Example

For username "admin" & password of "admin":

admin:admin  Basic YWRtaW46YWRtaW4=

API Secret

(API Key & Token method)

A secret string commonly used in the token pattern.

Token Pattern

(API Key & Token method)

Token Pattern consists of hash algorithm and variables.

Format:

  • HASH(PATTERN)

Supported hash algorithm:

  • MD5
  • SHA-1
  • SHA-256
  • SHA-512

Supported variables:

  • {api_key}
  • {api_secret}
  • {date_pattern} (current date time)

Examples:

  • SHA-256({api_key}::{api_secret}::{yyyy-MM-dd HH:mm})
  • MD5({api_secret})

Token pattern must contain at least one and only one hash algorithm.

The {date_pattern} also determines how long the token is cached client-side. i.e the pattern "yyyy-MM-dd" will have the token cache to expire and regenerate every day

 

Permission Plugin

(Basic access authentication method)

Select a permission plugin and configure its properties.

Find list of available permission plugins here.

Custom Authenticator Plugin

Select a custom authenticator plugin and configure its properties.

This option is shown only if a plugin of that type exist in the system.

Learn more about API Authenticator plugin here.

Custom Authentication Method

Methods available:

  • Add as additional authentication method
  • Replace the default authentication method
API Key is always required regardless of method selected here.
Domain Whitelist

Domain whitelist to allow API calls.

Example

"localhost;www.joget.org;dev.joget.org”, or "*" to allow from everywhere.

IP Address Whitelist

IP address whitelist to allow API calls.

Example

"127.0.0.1;192.168.0.1”, or "*" to allow from everywhere.

RemarkAny remark or description for the created API access.
Save Log?Display Log View in a popup form.


Figure 1: Manage API Key in a userview


Figure 2: Manage API Key - Log view


Figure 3: Manage API Key - New/Edit access

Configure Userview Menu

Manage API Key properties

NameDescription
IDMenu element unique ID. Joget will use this ID in the URL if the Custom ID is empty.
Custom ID

Item link slug. Optional field.

Unique field

Ensure that value defined here is unique to other userview menus in the app, since the first matching/conflicting ID will take precedence in page loading.

LabelMenu label. Mandatory field.
API Document NameSelect an API Document that you have created with the API Builder, for configuration of access in runtime.


Figure 4: Manage API Key properties

UI

List

NameDescription
Button Position
  • Top Left
  • Top Right
  • Bottom Left
  • Bottom Right
  • Top Left & Bottom Left
  • Top Right & Bottom Right
Selection Type
  • Multiple
  • Single
Selector Position
  • Left
  • Right
  • Both left & right
  • No

New Record Button Label

New record button label to show in listing.

Edit Link Label

Edit button label to show in listing.

Delete Button Label

Delete button label to show in listing.

Custom Header

Custom HTML to show above the listing.
Custom FooterCustom HTML to show below the listing.


Figure 5: UI (List)

Add

NameDescription
Cancel Button LabelCancel button label to show in add new record form.
Save Button LabelSave button label to show in add new record form.
Message to show after Form savedMessage to show in a browser popup, after new record is saved.
Custom HeaderCustom HTML to show in header of add new record form.
Custom FooterCustom HTML to show in footer of add new record form.


Figure 6: UI (Add)

Edit

NameDescription
ReadonlyIf checked, the form will be rendered as read-only and not editable anymore.

Display Fields as Labels when in Readonly?

When the form is in read-only mode, determines if values should be displayed as is (label form) instead of being shown in original input fields.
Back Button Label

Back button label.

Default value: Back

Save Button Label

Save button label.
Default value: Save

Message to show after Form savedMessage to show in a browser popup, after a record is successfully edited.
Custom HeaderCustom HTML to show in header of edit record form.
Custom FooterCustom HTML to show in footer of edit record form.

Figure 7: UI (Edit)

Performance & Offline

Figure 8: Performance & Offline

  • Cache Settings
Performance

You can configure the Performance settings in this Userview Menu which allows one to cache existing content for improved performance and loading speed.

Read more at Performance Improvement with Userview Caching.

  • PWA Offline Settings
NameDescription
Enable cache for offline supportOnce enabled, this userview element will be accessible in the event of an offline environment. 




  • No labels