Configure an API key to support authentication for REST API endpoints.

Before you begin

Role required: admin

Plugin required: API Key and HMAC Authentication (com.glide.tokenbased_auth)

Procedure

  1. Create an inbound authentication profile.
    1. Navigate to All > System Web Services > API Access Policies > Inbound Authentication Profiles.
    2. Select New.
      The system displays the message What kind of authentication profile?
    3. Select Create API Key authentication profiles.
      API Key authentication profile
    4. On the form, fill in the fields.
      Table 1. API Key authentication profiles
      Field Description
      Name Name to identify the authentication policy.
      Application Scope of the authentication policy.
      Auth Parameter Select the auth parameter for the authentication request. You can select the default options or create a new auth parameter:
      • x-sn-apikey: Auth Header
      • x-sn-apikey: Query Parameter header
      Note: The selected option has to be defined in the REST call as part of the Auth Header or Query Parameter.
      API Parameter
    5. Submit the form.
  2. Create a REST API key.
    1. Navigate to All > System Web Services > API Access Policies > REST API Key.
    2. Select New.
    3. On the form, fill the fields:
    4. Submit the form.
    5. Open the record that was created to view the token generated by the Now Platform for the user.
      API Token
  3. Create a REST API Access policy.
    1. Navigate to All > System Web Services > REST API Access Policies.
    2. Select New.
    3. On the form, fill in the fields.
      Add profile to Access Policy
    4. Add the API Authentication profile that was created.
    5. Submit the form.
    You can send the REST API call with the x-sn-apikey (token) that was generated by the Now Platform during the API Key creation within the Header or Query parameter based on the configuration for authentication.
    Warning: Use POST request when submitting any sensitive information to the server.