Add API Key
This section describes the operation to register the API key used to access the API.
Info
To perform this procedure, verification of the target RP must be completed.
Verify that the verification status of the RP is “Verified”.
Operation Procedure
Select “RP” from the menu.
-
From the RP List table, click on the row of the RP you wish to edit to display the RP details.
-
Click on the API Key tab.
-
Click on the Register API key button.
-
In the API Key Registration modal, enter each item.
- API auth name
Name to identify the API key. - API auth type
Set the authentication method when using the API key.Type Description Nonce sign auth Signatures are created and verified using a Nonce (random value) provided by FIDO2ServerService. This is the method with the highest level of security; for each API request, a separate communication to obtain the nonce value is made. Datetime sign auth Create and verify signatures using date and time. Compared to Nonce Signature Authentication, this method has a high enough level of security, although theoretically the possibility of replay attacks within a short period of time due to communication eavesdropping occurs. We recommend using this service when you want to reduce various overheads caused by communication to FIDO2ServerService, such as for services with a very large number of users. Access key auth Uses a fixed key and verifies if the key matches. This is a simple method.
- API auth name
-
Click on the Register button.
-
Click OK on the confirmation message.
-
If registration is successful, API key information will be displayed. Copy and save each item displayed.
- API auth ID
ID used for API access. - API auth type
Type of authentication method. - Secret key
Secret key used for API access.
Warning
The secret key is only displayed at this time and cannot be confirmed later.
Be sure to save the text by copying it or otherwise. - API auth ID
-
Click the Close button to close the modal.