Skip to main content

Access keys

Under Settings > Access keys, you can manage your access keys.

You can access the API of Identity Cloud using an access key. The access key adds a layer of security. For authentication, each request to the Identity Cloud API must add the Authorization: Bearer header with an access key.

On the Identity Cloud management console, you can trigger the generation of access keys. You define a name for each access key, and the key is generated automatically by the system. You can then provide the access key to client applications, so that they can access and use the Identity Cloud API.

Access key list

The access key list gives you an overview, where you can browse your access keys.

Access key list

From the access key list, you can perform the following general actions:

Directly from the access key list, you can perform the following actions for a specific access key:

Access key list actions

You can show the key or revoke an access key in the access key details as well.


The access key Name has to be unique, and can contain alphanumeric characters and underscore only. The length of the Name is maximum 30 characters.


By default, the access key is hidden. You can show it by clicking the Show key button.

Access key shown

Generate access key

To generate an access key perform the following steps.

  1. Go to Settings > Access keys and click Generate access key on the top right.
  2. Provide a valid Name.
  3. Click the Generate button. The access key is generated, and you are redirected to the details of the new access key.
Generate access key dialog

Access key details

You can check and edit the details of an access key.

Click an access key in the list, and you are navigated to the details.

Access key details

You can modify the access key Name. If the name requirements are passed, you can save your changes by clicking Save.

In the details of the access key the key itself is also hidden, you can check that by clicking Show key.

Access key details actions

On the right side of the details page, you can find more information about the access key:

  • Access key created The creation timestamp of the access key
  • Access key ID The unique ID of the access key

Revoke access key

You can revoke access keys on the management console. After that, the revoked access key cannot be used anymore to access to the Identity Cloud API anymore.

If you click the Revoke access key action, you can revoke the selected access key after the confirmation.


Once you revoke an access key, the access key is deleted from the database, and you cannot undo the action.

Revoke access key confirmation dialog