LMS365 enables global admins to generate multiple LMS365 API keys.
This allow for control over individual API keys as it is possible to revoke keys that are employed for a specific use without risking to break critical integrations. Also, either Read Only or Full Control can be assigned to each key limiting how the specific API key can be used.
API Key Management
API management is done centrally from the LMS365 Admin Center > Global Settings > API Key Management.
Here, the global admin can see a list of all API keys of the LMS365 tenant, generate new API keys, assign permissions, and revoke and edit current API keys.
The following information is provided on the API Key Management page:
- Name - The name of the API key is used for admins to identify relevant keys.
- API Key - The last 12 digits of the API key is shown in the overview. The API key can be copied from here.
- Status - Shows whether the API key is Active or Revoked.
- Permissions - Displays the level of API key permissions: Read Only or Full Control.
- Date Created - Displays the date and time of when the API key was created.
- Created By - Displays the name of the user who created the API key.
- Revocation Date - Displays the date and time of when the API key was revoked.
- Revoked By - Displays the name of the user who revoked the API key.
To search for a specific API key, you can use the Search field or filter keys from any column by selecting this.
The Created By and Revoked By columns have their own filters.
Generating API keys
To create an API key, select the Generate API Key button.
In the panel, fill out the Name field, easily copy the API key to clipboard if needed, and select the permissions level - Read Only or Full Control:
An API Key with Read Only permissions makes it possible to read data from your LMS365 tenant using LMS365 API methods. It will not be possible to update, create, or delete data in your LMS365 tenant using this API Key. Using an API method which attempts to update, create, or delete data, using a Read Only permission API Key, will cause the API method to fail.
With an API Key with Full Control permissions, it will be possible to both read, update, create, and delete data in your LMS365 tenant using LMS365 API methods.
After the type of access is selected and saved it is not possible to change it.
Managing API keys
On the API Key Management page, you can edit or revoke API keys. To do this, select the relevant API key and choose the relevant action in the Actions panel.
To edit an API key, select Edit API Key. This will open a panel where you can edit the name of the API key. You can not change other abilities of the API key than the name.
To revoke an API key, select Revoke API Key. A confirmation message will notify that the access to this API key will be lost and that the action cannot be undone. Select the check box to confirm this change and the Revoke button will become active.
Once the API Key has been revoked, all connections such as Power BI, Power Automate, etc., that are using this API key, will no longer be able to access or modify data in your LMS365 tenant.