- Stitch >
- Users & Authentication >
- Authentication Providers
API Key Authentication¶
On this page
Overview¶
The API Key authentication provider allows users to log in using generated keys. There are two types of API keys in MongoDB Stitch: server keys and user keys.
Server API Keys¶
Server API keys are generated centrally in the Stitch UI and are associated with automatically created Stitch server users. Provide a server key to external applications and services to allow them to authenticate directly with Stitch.
User API Keys¶
User API keys are generated for specific application users by the client SDKs. You can allow devices or services to communicate with Stitch on behalf of a user by associating a unique user key with each device.
User keys are always associated with a user object created by another authentication provider. Each user can associate up to 20 user keys with their account.
Configuration¶
- Stitch UI
- Import/Export
You can enable and configure the API Key authentication provider from the Stitch UI by selecting API Keys from the Users > Providers page.
You can enable and configure the API Key authentication provider with stitch-cli by importing an application directory that contains a configuration file for the provider.
The configuration file must be named api-key.json
and stored in the /auth_providers
directory. Configuration
files for the API Key authentication provider have the
following form:
Note
The API Key authentication provider does not have any provider-specific configuration options.
Usage¶
- JavaScript SDK
- Android SDK
- iOS SDK
Authenticate with an API Key¶
To log a user in using an API key, instantiate a UserApiKeyCredential with the user’s API key and pass it to the StitchAuth.loginWithCredential() method.
To log a user in using an API key, instantiate an UserApiKeyCredential object with the user’s API key and pass it to the StitchAuth.loginWithCredential() method.
To log an existing user into your application, instantiate UserAPIKeyCredential with the user’s API key and pass it to the StitchAuth.loginWithCredential() method:
Create a User API Key¶
To create a new user API key, obtain a UserApiKeyAuthProviderClient instance, and call the createApiKey() method when a user is already logged in with a different, non-anonymous authentication provider. The API key will be associated with the logged in user and can be used to interact with Stitch on their behalf.
Important
Stitch will only show you the key’s value one time. Make sure to
copy the value returned from createApiKey()
somewhere safe,
otherwise you will need to generate a new key.
To create a new user API key, obtain an UserApiKeyAuthProviderClient instance and call the createApiKey() method when a user is already logged in with a different, non-anonymous authentication provider. The API key will be associated with the logged in user and can be used to interact with Stitch on their behalf.
Important
Stitch will only show you the key’s value one time. Make sure to
copy the value returned from createApiKey()
somewhere safe,
otherwise you will need to generate a new key.
To create a new user API key, obtain a UserAPIKeyAuthProviderClient instance, and call the createAPIKey() method when a user is already logged in with a different, non-anonymous authentication provider. The API key will be associated with the logged in user and can be used to interact with Stitch on their behalf.
Important
Stitch will only show you the key’s value one time. Make sure to
copy the value returned from createAPIKey()
somewhere safe,
otherwise you will need to generate a new key.
Create a Server API Key¶
To create a new server API key, navigate to the API Key authentication configuration page in the Stitch UI and click Create API Key. Enter a unique name for the key and click Save.
Important
Remember to copy the server key’s value as soon as you create it. Once you leave the provider configuration page or disable the key you will not be able to find the value again in the Stitch UI.
Look up an Existing User Key¶
To get a list of all keys associated with the logged in user, obtain a UserApiKeyAuthProviderClient instance, and call the fetchApiKeys() method.
To look up a specific key for the logged in user, pass the key’s _id
value to the fetchApiKey() method.
To get a list of all keys associated with the logged in user, obtain an UserApiKeyAuthProviderClient instance and call the fetchApiKeys() method.
To look up a specific key for the logged in user, pass the key’s _id
value to the fetchApiKey()
method.
To get a list of all keys associated with the logged in user, obtain a UserAPIKeyAuthProviderClient instance, and call the fetchAPIKeys() method.
To look up a specific key for the logged in user, pass the key’s _id
value to the fetchAPIKey(withID:_:) method as the withID
argument.
Enable or Disable an API Key¶
To disable a specific API key without deleting it, obtain a
UserApiKeyAuthProviderClient
instance, and call the disableApiKey() method with
the key’s _id
value.
To enable a specific API key that was previously disabled, pass the
key’s _id
value to the enableApiKey() method.
To disable a specific API key without deleting it, obtain an
UserApiKeyAuthProviderClient
instance and pass the key’s
_id
value to the disableApiKey()
method.
To enable a specific API key that was previously disabled, pass the
key’s _id
value to the enableApiKey()
method.
To disable a specific API key without deleting it, obtain a
UserAPIKeyAuthProviderClient
instance, and pass the key’s
_id
value to the disableAPIKey(withID:_:)
method as the withID
argument.
To enable a specific API key that was previously disabled, pass the
key’s _id
value to the enableAPIKey(withID:_:)
Protocols/UserAPIKeyAuthProviderClient.html#/s:10StitchCore28UserAPIKeyAuthProviderClientP06enableD0y10MongoSwift8ObjectIdV6withID_yAA0A6ResultOyytGctF> method as the withID
argument.
Delete an API Key¶
To delete a specific API key, obtain a
UserApiKeyAuthProviderClient
instance, annnd pass the key’s _id
value to the
deleteApiKey() method.
To delete a specific API key, obtain an
UserApiKeyAuthProviderClient
instance and pass the key’s _id
value to the
deleteApiKey()
method.
To delete a specific API key, obtain a
UserAPIKeyAuthProviderClient
instance, and pass the key’s _id
value to the
deleteAPIKey(withID:_:) method as the withID
argument.