Mistake on this page? Email us

Application access keys

To use the Device Management service APIs to access a specific team's devices, you must have an access key associated with the team.

Note: API keys are deprecated as of August 2020. Create an access key instead. Your existing API keys are still valid.

The access key is associated with a group to which your application belongs and the team you associate the key with.

  • The initial access rights come from the group your application belongs to.

    To upgrade the access rights, add the access key's application to the Administrators group. You can only do this if you are an administrator, yourself.

    Tip: If you want developers to be able to use the APIs to create new access keys, you need to provide them an access key in an application with administrator access rights.

  • The key is associated with the team you used to create the access key and the chosen application.

    "Your team" means the team you used to create the access key. You were logged in to Device Management Portal with this team, or created the new key (with the APIs) with administrator rights.

    You cannot change the application association of an access key. Applications are always associated with a team.

Note: Anyone with your access key can access your account. To stop unauthorized use of the key, deactivate or delete the key.

Creating an application

In Portal: Creating an application

  1. Go to Access Management > Applications.

  2. Click New Application.

    The Create Application pop-up opens.

  3. Give the application an easily recognizable name. The name must be unique.

  4. Give a description for the new application.

  5. Choose a group the new application will be associated with.

  6. Click Create application.

Using the API: Creating an application


Use the /v3/applications endpoint to create a new application.

You can only perform this action if you authenticate it with an administrator's access key. You must already have at least one key with administrator rights before you can use the APIs to create any other keys.

Creating an access key

Before creating an access key, there must be at least one application already in the account.

In Portal: Creating an access key

  1. Go to Access Management > Access keys.

  2. Click New Access key.

    The Create Access key pop-up opens.

  3. Give the access key an easily recognizable name. The name must be unique.

  4. Choose the application the new access key will be associated with.

  5. Give a description for the new access key.

  6. Click Create Access key.

    The access key is displayed as plain text, with a Copy to Clipboard button.

    Note: You will not see the full access key with its secret part again. Please, copy it to a safe location.

Using the API: Creating an access key


Use the /v3/applications/{application_id}/access-keys endpoint to create an access key.

You can only perform this action if you authenticate it with an administrator's access key. You must already have at least one key with administrator rights before you can use the APIs to create any other keys.

Viewing and editing an access key

In Portal: Viewing and editing an access key

To view and edit access key details:

  1. Go to Access Management > Access keys.

  2. Click the key name.

    The Access key pane opens. You can only edit one key at a time.

  3. Click the Edit button.

    The Edit Access key pop-up opens. The available actions are:

Note: Access keys can have an expiration date. When an access key has expired, you cannot use it anymore. To reactivate the key, update the expiration into a future date. Alternatively, simply delete the access key and create a new one.

The Access key pane has two tabs that do not offer actions:

  • Summary: Basic key information, including the API host URL this access key can authenticate with, expiration date, and the first eight characters of the public portion of the key.
  • Attributes: Full key information as returned by the API, including the public portion of the key.

Using the API: Viewing and editing an access key


Use the Account Management API to manage existing keys. You must send the request with an administrator's access key.

Deactivating, reactivating and deleting an access key

You may want to delete an access key in these conditions:

  • Depending on your account type, you may have a limited number of access keys. If you've reached your limit, you must delete an existing key to create a new one.
  • If you think your access key was exposed to a third party or any other unauthorized persons.
  • For any other security reason. For example, if you no longer use and maintain the application that relied on a specific key, it's good practice to remove the key as the unmaintained application may have a security vulnerability.

Note: Keys are automatically deleted if their corresponding application is deleted.

In Portal: Deactivating, reactivating and deleting an access key

To temporarily deactivate or delete an access key:

  1. Deactivating an access key is one of the options available when editing an access key. Use this option if you are still not sure whether you want to delete the key and want to suspend its access while you investigate.
  2. You can reactivate the key if you are sure it’s safe.
  3. You can delete each access key separately, or multiple keys as a bulk action from the keys list. You cannot undo the delete operation. If you're not sure about the deletion, consider temporarily deactivating the key.

Using the API: Deactivating, reactivating and deleting an access key


Use the Account Management API to manage existing keys. You must send the request with an administrator's access key.

Using access keys in Secure Device Access (SDA)

To use the keys in a Secure Device Access application, or associate the keys with groups, see Secure Device Access.