Several questions about keys and enrollments

  1. if keys are in hashed mode and cannot be displayed , how admin can revoke them
  2. how developer is able to unsubscribe from his enrollment to an API
  3. in the catalog the enrollment is per API , does my developers needs to enroll a key for each API they are going to use , i have dozens of them

thanks in advance


1 Like

Hi Shloni,

  1. Keys which are issued though the developer portal via a key request are associated with the developer’s account, so you are able to retrieve these and revoke them.
  2. At the moment, a developer is not able to revoke their own keys, but a Dashboard user can do so.
  3. Catalogues are linked to policies, and it is the policy which provides access to APIs. So, if your policy grants access to many APIs then the user will be able to access them all using the key linked to that policy.


Thanks dave
regarding #3 - i added another API and gave access to it in the policy ,
i deleted the user and made sure he enroll again .
but in developer dashboard not even the api url appear so he can see which one he have.
only the catalog name and description -what am i missing here ?


The catalogue name and description would need to be changed manually, it does not update automatically.

I should also update you on #1, with our next release you will be able to search for keys with their hashed value, so you will not need to know the original value in order to edit them via the dashboard.

Hey Shlomi

The use of policies is designed to “abstract” the API you present to the world, from all the back-end APIs that might exist.

We typically find that users prefer to present a simpler view to the outside world, rather than exposing their internal structure. Consumers of your API product don’t necessarily need to know what the back-end structure is.

So you can wrap-up a bunch of different levels of access to different end-points and expose it as a product.

For that reason, you’ll need to adjust what is published in the portal manually.