API keys reference
API keys are long-lived authentication tokens that make it more convenient for Sensu plugins and other Sensu-adjacent applications to authenticate with the Sensu API.
Unlike authentication tokens, API keys are persistent and do not need to be refreshed every 15 minutes.
The Sensu backend generates API keys, and you can provide them to applications that want to interact with the Sensu API.
Use the APIKey API to create, retrieve, and delete API keys.
Use the following header format to authenticate with API keys, replacing API_KEY
with your API key value:
Authorization: Key API_KEY
This is different from the authentication token, which uses the Authorization: Bearer
header format.
When you specify an API key in a request, the system resolves it to an authentication token and continues through the regular authentication process.
API key resource structure
type: APIKey
api_version: core/v2
metadata:
name: 19803eb8-36a6-4203-a225-28ec4e9f4444
spec:
created_at: 1570732266
username: admin
{
"type": "APIKey",
"api_version": "core/v2",
"metadata" : {
"name": "19803eb8-36a6-4203-a225-28ec4e9f4444"
},
"spec": {
"created_at": 1570732266,
"username": "admin"
}
}
API key specification
Top-level attributes
type |
|
description |
Top-level attribute that specifies the resource type. API keys should always be type APIKey . |
required |
true |
type |
String |
example |
|
api_version |
|
description |
Top-level attribute that specifies the Sensu API group and version. The api_version should always be core/v2 . |
required |
true |
type |
String |
example |
|
metadata |
|
description |
Top-level collection of metadata about the API key, including name and created_by . The metadata map is always at the top level of the API key definition. This means that in wrapped-json and yaml formats, the metadata scope occurs outside the spec scope. |
required |
true |
type |
Map of key-value pairs |
example |
"metadata": {
"name": "19803eb8-36a6-4203-a225-28ec4e9f4444",
"created_by": "admin"
}
|
spec |
|
description |
Top-level map that includes the API key’s spec attributes. |
required |
true |
type |
Map of key-value pairs |
example |
"spec": {
"created_at": 1570732266,
"username": "admin"
}
|
name |
|
description |
Unique string used to identify the API key. Sensu randomly generates a UUID for the name value — users cannot provide a name for an API key. |
required |
true |
type |
String |
example |
"name": "19803eb8-36a6-4203-a225-28ec4e9f4444"
|
created_by |
|
description |
Username of the Sensu user who created the API key or last updated the API key. Sensu automatically populates the created_by field when the API key is created or updated. |
required |
false |
type |
String |
example |
|
Spec attributes
username |
|
description |
User associated with the API key. |
required |
true |
type |
Array |
example |
|
created_at |
|
description |
Time at which the API key was created. Unix timestamp that is automatically generated when the API key is created. |
required |
true |
type |
Integer |
example |
|
Examples
type: APIKey
api_version: core/v2
metadata:
name: 19803eb8-36a6-4203-a225-28ec4e9f4444
spec:
created_at: 1570732266
username: admin
{
"type": "APIKey",
"api_version": "core/v2",
"metadata": {
"name": "19803eb8-36a6-4203-a225-28ec4e9f4444"
},
"spec": {
"created_at": 1570732266,
"username": "admin"
}
}