Security templates

Security templates are used to generate API access keys (temporary keys with configurable permissions & restrictions)

The Security Templates are accessible from Settings > Project > Access (page) > Security template (tab).

Create a security template

Security Templates can be created with the +Add Template button by entering the following informations

Description

Used to identify the security template

Permissions

Used to define what users can / can't do with the assets. Permissions are selected from the list:

API Permission
Description

OBJECTS_LIST

List assets

OBJECTS_FETCH

Fetch assets

FILE_UPLOAD

Upload file

FILE_META_CREATE

Create file metadata

FILE_META_CHANGE

Update file metadata

FILE_RENAME

Rename file

FILE_MOVE

Move file

FILE_DELETE

Delete file

FILE_SET_VISIBILITY

Set file visibility

FILE_LABEL_CHANGE

Update file labels

FILE_IMAGE_EDITOR

Edit file

DIR_CREATE

Create directory

DIR_RENAME

Rename directory

DIR_META_CHANGE

Create and update directory metadata

DIR_MOVE

Move directory

DIR_DELETE

Delete directory

DIR_SET_VISIBILITY

Set directory visibility

CONFIG_CHANGE

Change container configuration

CONFIG_LIST

List container configuration

FILE_PRODUCT_CHANGE

Change product information

FILE_PROCESS_AUTOTAGGING

Perform autotagging

COLLECTIONS_LIST

List collections

COLLECTIONS_MANAGE

Manage collections

LABELS_LIST

View labels

LABEL_MANAGE

Manage labels

OBJECTS_SHARE_MANAGE

Manage sharebox

OBJECTS_AIRBOX_MANAGE

Manage airbox

OBJECTS_APPROVAL_MANAGE

Manage approval

OBJECTS_APPROVAL_VOTE

Approve/Reject assets

ACCESS_READ

View accesses

ACCESS_MANAGE

Manage accesses

Upload limits

These settings set limits on the Upload API.

Setting
Description
Default

Limit per min (limit_per_min)

Set the maximum uploads per minute with the key

Unlimited

Limit per source IP (limit_per_source_ip)

Maximum number of uploads allowed by IP by the key

Unlimited

Directory scope (dir_scope)

Directories where the key is allowed to upload. If you want to allow all subdirectories of /folder, set the value to /folder/*

All directories

Restrict IP limitation

It restricts API calls based on IP address ranges and/or countries.

Setting
Description
Default

Whitelist IP ranges (whitelist_ip_ranges)

IP addresses allowed to perform requests using this SecurityTemplate

No restrictions

Whitelist countries (whitelist_countries)

If the IP address is detected to come from these countries, they are allowed to make requests to the system

All countries are allowed

Key Validity

This setting allows to set the validity period of the key, for example to match the user's session length in your authenticated application

Setting
Description
Default

expiration_duration

time in second before the key expires

1200 s (20 minutes)

Listing Limits

Directories where the key is allowed to list elements.

Setting
Description
Default

directory_scope

Directories where the key is allowed to list and search assets. If you want to allow all subdirectories of /folder, set the value to /folder/*

All directories

Manage existing Security templates

Existing API keys can be managed individually or in bulk for status (Active <> Deactivate):

User level
Description

Description

To identify the Security template

Secret key

The Security Template value. To be kept secret

Created at

The Security Template creation date

Scope

Used to limit the scope. Value "project" by default.

Active

The Security template status that can be toggled from activated to deactivated using the ... options

Copy

Copy the secret key in the clipboard for easy reuse

Last updated

Logo

©2024 Scaleflex SAS