FusionAuth v2.17.0, Mar 24 23

fusionauth.FusionAuthApiKey

Explore with Pulumi AI

# API Key

The FusionAuth APIs are primarily secured using API keys. This API can only be accessed using an API key that is set as a keyManager. In order to retrieve, update or delete an API key, an API key with equal or greater permissions must be used. A “tenant-scoped” API key can retrieve, create, update or delete an API key for the same tenant. This page describes APIs that are used to manage API keys.

API Key

Example Usage

using System.Collections.Generic;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;

return await Deployment.RunAsync(() => 
{
    var example = new Fusionauth.FusionAuthApiKey("example", new()
    {
        Description = "my super secret key",
        Key = "super-secret-key",
        PermissionsEndpoints = new[]
        {
            new Fusionauth.Inputs.FusionAuthApiKeyPermissionsEndpointArgs
            {
                Delete = true,
                Endpoint = "/api/application",
                Get = true,
                Patch = true,
                Post = true,
                Put = true,
            },
        },
        TenantId = "94f751c5-4883-4684-a817-6b106778edec",
    });

});

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/theogravity/pulumi-fusionauth/sdk/v2/go/fusionauth"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fusionauth.NewFusionAuthApiKey(ctx, "example", &fusionauth.FusionAuthApiKeyArgs{
			Description: pulumi.String("my super secret key"),
			Key:         pulumi.String("super-secret-key"),
			PermissionsEndpoints: fusionauth.FusionAuthApiKeyPermissionsEndpointArray{
				&fusionauth.FusionAuthApiKeyPermissionsEndpointArgs{
					Delete:   pulumi.Bool(true),
					Endpoint: pulumi.String("/api/application"),
					Get:      pulumi.Bool(true),
					Patch:    pulumi.Bool(true),
					Post:     pulumi.Bool(true),
					Put:      pulumi.Bool(true),
				},
			},
			TenantId: pulumi.String("94f751c5-4883-4684-a817-6b106778edec"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthApiKey;
import com.pulumi.fusionauth.FusionAuthApiKeyArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApiKeyPermissionsEndpointArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new FusionAuthApiKey("example", FusionAuthApiKeyArgs.builder()        
            .description("my super secret key")
            .key("super-secret-key")
            .permissionsEndpoints(FusionAuthApiKeyPermissionsEndpointArgs.builder()
                .delete(true)
                .endpoint("/api/application")
                .get(true)
                .patch(true)
                .post(true)
                .put(true)
                .build())
            .tenantId("94f751c5-4883-4684-a817-6b106778edec")
            .build());

    }
}

import pulumi
import theogravity_pulumi-fusionauth as fusionauth

example = fusionauth.FusionAuthApiKey("example",
    description="my super secret key",
    key="super-secret-key",
    permissions_endpoints=[fusionauth.FusionAuthApiKeyPermissionsEndpointArgs(
        delete=True,
        endpoint="/api/application",
        get=True,
        patch=True,
        post=True,
        put=True,
    )],
    tenant_id="94f751c5-4883-4684-a817-6b106778edec")

import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";

const example = new fusionauth.FusionAuthApiKey("example", {
    description: "my super secret key",
    key: "super-secret-key",
    permissionsEndpoints: [{
        "delete": true,
        endpoint: "/api/application",
        get: true,
        patch: true,
        post: true,
        put: true,
    }],
    tenantId: "94f751c5-4883-4684-a817-6b106778edec",
});

resources:
  example:
    type: fusionauth:FusionAuthApiKey
    properties:
      description: my super secret key
      key: super-secret-key
      permissionsEndpoints:
        - delete: true
          endpoint: /api/application
          get: true
          patch: true
          post: true
          put: true
      tenantId: 94f751c5-4883-4684-a817-6b106778edec

Create FusionAuthApiKey Resource

new FusionAuthApiKey(name: string, args?: FusionAuthApiKeyArgs, opts?: CustomResourceOptions);

@overload
def FusionAuthApiKey(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     description: Optional[str] = None,
                     ip_access_control_list_id: Optional[str] = None,
                     key: Optional[str] = None,
                     key_id: Optional[str] = None,
                     permissions_endpoints: Optional[Sequence[FusionAuthApiKeyPermissionsEndpointArgs]] = None,
                     tenant_id: Optional[str] = None)
@overload
def FusionAuthApiKey(resource_name: str,
                     args: Optional[FusionAuthApiKeyArgs] = None,
                     opts: Optional[ResourceOptions] = None)

func NewFusionAuthApiKey(ctx *Context, name string, args *FusionAuthApiKeyArgs, opts ...ResourceOption) (*FusionAuthApiKey, error)

public FusionAuthApiKey(string name, FusionAuthApiKeyArgs? args = null, CustomResourceOptions? opts = null)

public FusionAuthApiKey(String name, FusionAuthApiKeyArgs args)
public FusionAuthApiKey(String name, FusionAuthApiKeyArgs args, CustomResourceOptions options)

type: fusionauth:FusionAuthApiKey
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FusionAuthApiKeyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FusionAuthApiKeyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FusionAuthApiKeyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FusionAuthApiKeyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FusionAuthApiKeyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

FusionAuthApiKey Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FusionAuthApiKey resource accepts the following input properties:

Description string: Description of the key.
IpAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
Key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
KeyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
PermissionsEndpoints List<theogravity.Fusionauth.Inputs.FusionAuthApiKeyPermissionsEndpointArgs>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
TenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

Description string: Description of the key.
IpAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
Key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
KeyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
PermissionsEndpoints []FusionAuthApiKeyPermissionsEndpointArgs: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
TenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description String: Description of the key.
ipAccessControlListId String: The Id of the IP Access Control List limiting access to this API key.
key String: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId String: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints List<FusionAuthApiKeyPermissionsEndpointArgs>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId String: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description string: Description of the key.
ipAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints FusionAuthApiKeyPermissionsEndpointArgs[]: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description str: Description of the key.
ip_access_control_list_id str: The Id of the IP Access Control List limiting access to this API key.
key str: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
key_id str: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissions_endpoints Sequence[FusionAuthApiKeyPermissionsEndpointArgs]: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenant_id str: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description String: Description of the key.
ipAccessControlListId String: The Id of the IP Access Control List limiting access to this API key.
key String: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId String: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints List<Property Map>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId String: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

Outputs

All input properties are implicitly available as output properties. Additionally, the FusionAuthApiKey resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing FusionAuthApiKey Resource

Get an existing FusionAuthApiKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FusionAuthApiKeyState, opts?: CustomResourceOptions): FusionAuthApiKey

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        ip_access_control_list_id: Optional[str] = None,
        key: Optional[str] = None,
        key_id: Optional[str] = None,
        permissions_endpoints: Optional[Sequence[FusionAuthApiKeyPermissionsEndpointArgs]] = None,
        tenant_id: Optional[str] = None) -> FusionAuthApiKey

func GetFusionAuthApiKey(ctx *Context, name string, id IDInput, state *FusionAuthApiKeyState, opts ...ResourceOption) (*FusionAuthApiKey, error)

public static FusionAuthApiKey Get(string name, Input<string> id, FusionAuthApiKeyState? state, CustomResourceOptions? opts = null)

public static FusionAuthApiKey get(String name, Output<String> id, FusionAuthApiKeyState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Description string: Description of the key.
IpAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
Key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
KeyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
PermissionsEndpoints List<theogravity.Fusionauth.Inputs.FusionAuthApiKeyPermissionsEndpointArgs>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
TenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

Description string: Description of the key.
IpAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
Key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
KeyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
PermissionsEndpoints []FusionAuthApiKeyPermissionsEndpointArgs: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
TenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description String: Description of the key.
ipAccessControlListId String: The Id of the IP Access Control List limiting access to this API key.
key String: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId String: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints List<FusionAuthApiKeyPermissionsEndpointArgs>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId String: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description string: Description of the key.
ipAccessControlListId string: The Id of the IP Access Control List limiting access to this API key.
key string: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId string: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints FusionAuthApiKeyPermissionsEndpointArgs[]: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId string: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description str: Description of the key.
ip_access_control_list_id str: The Id of the IP Access Control List limiting access to this API key.
key str: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
key_id str: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissions_endpoints Sequence[FusionAuthApiKeyPermissionsEndpointArgs]: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenant_id str: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

description String: Description of the key.
ipAccessControlListId String: The Id of the IP Access Control List limiting access to this API key.
key String: API key string. When you create an API key the key is defaulted to a secure random value but the API key is simply a string, so you may call it super-secret-key if you’d like. However a long and random value makes a good API key in that it is unique and difficult to guess.
keyId String: The Id to use for the new Form. If not specified a secure random UUID will be generated.
permissionsEndpoints List<Property Map>: The unique Id of the private key downloaded from Apple and imported into Key Master that will be used to sign the client secret.
tenantId String: The unique Id of the Tenant. This value is required if the key is meant to be tenant scoped. Tenant scoped keys can only be used to access users and other tenant scoped objects for the specified tenant. This value is read-only once the key is created.

Supporting Types

FusionAuthApiKeyPermissionsEndpoint

Endpoint string
Delete bool: HTTP DELETE Verb.
Get bool: HTTP GET Verb.
Patch bool: HTTP PATCH Verb
Post bool: HTTP POST Verb
Put bool: HTTP PUT Verb

Endpoint string
Delete bool: HTTP DELETE Verb.
Get bool: HTTP GET Verb.
Patch bool: HTTP PATCH Verb
Post bool: HTTP POST Verb
Put bool: HTTP PUT Verb

endpoint String
delete Boolean: HTTP DELETE Verb.
get Boolean: HTTP GET Verb.
patch Boolean: HTTP PATCH Verb
post Boolean: HTTP POST Verb
put Boolean: HTTP PUT Verb

endpoint string
delete boolean: HTTP DELETE Verb.
get boolean: HTTP GET Verb.
patch boolean: HTTP PATCH Verb
post boolean: HTTP POST Verb
put boolean: HTTP PUT Verb

endpoint str
delete bool: HTTP DELETE Verb.
get bool: HTTP GET Verb.
patch bool: HTTP PATCH Verb
post bool: HTTP POST Verb
put bool: HTTP PUT Verb

endpoint String
delete Boolean: HTTP DELETE Verb.
get Boolean: HTTP GET Verb.
patch Boolean: HTTP PATCH Verb
post Boolean: HTTP POST Verb
put Boolean: HTTP PUT Verb

Package Details

Repository: fusionauth theogravity/pulumi-fusionauth
License: MIT
Notes: This Pulumi package is based on the fusionauth Terraform Provider.