Our September update provides you with self-service API key management from the SIGNL4 web portal. Finally, you can fully exploit our comprehensive REST API. We also improved management of outbound webhook which can update your systems with any information on Signl handling.
API Key Management
It is now possible to manage API keys for the SIGNL4 API in the SIGNL4 account portal. Click on the “Developer” menu item to manage API keys.
Keys issued here can then be used to call SIGNL4 REST API functions. So now, you can build automations with SIGNL4 or integrate it more deeply with your system landscape.
API Key Security
Some details on security features of SIGNL4 API keys:
- For security reasons a limited validity of the keys is supported. Once they expire, they can no longer be used
- It is possible to issue keys with read-only access or with full access (read/write)
- When creating a key, it is displayed ONCE to you and you need to copy and store it safely. You won’t have access to the full key again as we don’t store it in plain text.
- When a key has been compromised, you can renew/recreate it. The old key becomes invalid and can no longer be used
How to use an API key
This is quite simple: the API key must be specified in a special HTTP header called “X-S4-Api-Key”. Below is a small request/response example with which all users of a SIGNL4 team are retrieved:
ANFRAGE:
GET https://devapi.signl4.com/api/users HTTP/1.1 Host: devapi.signl4.com Connection: keep-alive X-S4-Api-Key: f1a8d5a514572fd4f2f7i1958141d7930d92738n97b4e5af7fab0d1e8468d803 Content-Type: application/json
ANTWORT:
HTTP/1.1 200 OK Content-Length: 1159 Content-Type: application/json; charset=utf-8 Server: Microsoft-HTTPAPI/2.0 Date: Thu, 10 Sep 2020 07:44:24 GMT [{"id":"f0bd5063-9588-41cf-b3d9-94e5647dedc5","subscriptionId":"0acf8014-22f2-4503-88d7-f7d05b46744f","name":"Rene 🇩🇪","mail":"[email protected]","isDeactivated":false,"isInvite":false,"colorIndex":0,"dutyInfos":{"lastChange":"2020-09-04T14:00:13Z","onDuty":false,"onManagerDuty":false,"overdue":false}},{"id":"c0fa968a-7d3e-4fe6-90e6-09961af3f700","subscriptionId":"0acf8014-22f2-4503-88d7-f7d05b46744f","name":"Ron","mail":"[email protected]","isDeactivated":false,"isInvite":false,"colorIndex":2,"dutyInfos":{"lastChange":"2020-07-06T22:00:04Z","onDuty":false,"onManagerDuty":false,"overdue":false}}]
Improved Webhook Management
We’ve also update management of outbound webhooks. As you might know, SIGNL4 can send notifications to external applications via webhooks about these events. It is now possible to name a registered webhook, making it easier for you to remember which system or application it is addressing.
You can now also temporarily deactivate an outbound webhook. Such webhook will no longer be triggered, for instance in case of maintenance work or reconfiguration is happening.
We are confident that this is major step in enabling a broader use of SIGNL4 and much better integration into your workflows, applications, and services. Happy exploring!