Credential storage

Middle's API keys feature allows you to enter authentication credentials at the app level. You'll want to use this feature for credentials that are likely to be used instance-wide or when you don't want them exposed or handled by account-level users. The API keys feature is particularly useful when building apps that use OAuth 2.0.

API key management

You have the option to edit existing API key or create new ones. Many pre-build Middle apps will require you to enter your credentials in a pre-existing API key. You can create as many API keys as you'd like. On the account level, when you create a new app connection, you'll be able to select which API keys you'd like to use for that connection.

Entering your credentials

Name and description

Naming your API key and providing a description helps you document whose credentials are entered and for what purpose. The API key name is important to discern between API keys at the account level.

Is default?

It will be important to understand whether an API key should be used by all accounts in your Middle instance or if they are specialized credentials. Defaulting an API will make it so that any app connection you set up uses those credentials when a different API key is now selected.

Payload

The authentication credentials you are entering will likely need to be entered into the payload in JSON format, particularly when there are multiple credentials needed. With an app that needs a client ID and secret, your API key payload will look like this:

Allowed accounts

You can limit which accounts are can use an API key. Selecting allowed accounts whitelist which accounts will have access to these credentials. This may be important to protect your credentials from misuse.