Links

API keys

Setup credentials for use across your Middle instance
Middle's API keys feature allows you to enter authentication credentials at the app level. You'll want to use this feature for credentials that are likely to be used instance-wide or when you don't want them exposed or handled by account-level users. The API keys feature is particularly useful when building apps that use OAuth 2.0.
An account whitelisted authentication credential entered at the app level

API key management

You have the option to edit existing API key or create new ones. Many pre-build Middle apps will require you to enter your credentials in a pre-existing API key. You can create as many API keys as you'd like. On the account level, when you create a new app connection, you'll be able to select which API keys you'd like to use for that connection.
Manage multiple API keys from one menu

Entering your credentials

Name and description

Naming your API key and providing a description helps you document whose credentials are entered and for what purpose. The API key name is important to discern between API keys at the account level.

Is default?

It will be important to understand whether an API key should be used by all accounts in your Middle instance or if they are specialized credentials. Defaulting an API will make it so that any app connection you set up uses those credentials when a different API key is now selected.
Select what API key you'd like to use when establishing an account-level app connection

Payload

The authentication credentials you are entering will likely need to be entered into the payload in JSON format, particularly when there are multiple credentials needed. With an app that needs a client ID and secret, your API key payload will look like this:
{
"client_id": "1234abcd56789zyxw",
"client_secret": "A1B2C3D4E56Z7Y8XD80DJE234"
}
The JSON keys are meant to be referenced by the apps script to authenticate.

Allowed accounts

You can limit which accounts are can use an API key. Selecting allowed accounts whitelist which accounts will have access to these credentials. This may be important to protect your credentials from misuse.