API Keys Management

Overzicht

API keys bieden veilige toegang tot de PulseGuard API voor automatisering, integraties, en custom dashboards. Elke key heeft specifieke permissions en expiration settings.

API Key Types

Personal API Keys

Voor individuele gebruikers en development:

Scope: Persoonlijke projecten en development
Expiration: Aanbevolen 90 dagen
Rate Limits: 1000 requests per uur
Audit: Persoonlijke activiteit logs

Organization API Keys

Voor team access en productie systemen:

Scope: Organization-wide resources
Expiration: Aanbevolen 30 dagen
Rate Limits: 10,000 requests per uur
Audit: Gedetailleerde organization logs

Service Account Keys

Voor server-to-server communicatie:

Scope: Specifieke service permissions
Expiration: Nooit (regelmatig roteren)
Rate Limits: 50,000 requests per uur
Audit: Service-specifieke logs

Creating API Keys

Via Dashboard

Ga naar Settings
- Klik op “API Keys” in de sidebar
- Of ga naar: https://guard.ipulse.one/settings/api-keys
Nieuwe Key Aanmaken
- Klik “Generate New Key”
- Voer een beschrijvende naam in
- Selecteer key type (Personal/Organization/Service)

Configureer Permissions

{
  "domains": {
    "read": true,
    "write": false,
    "delete": false
  },
  "devices": {
    "read": true,
    "write": false
  },
  "incidents": {
    "read": true,
    "write": true
  },
  "reports": {
    "read": true
  }
}

Stel Expiration In
- Development: 90 dagen
- Production: 30 dagen
- Service Accounts: 365 dagen (met monitoring)
Genereer Key
- Klik “Create API Key”
- BELANGRIJK: Kopieer de key onmiddellijk
- De key wordt slechts één keer getoond

Via API

Voor geautomatiseerde key management:

POST /api-keys
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json

{
  "name": "Production API Key",
  "type": "organization",
  "description": "Key for production monitoring system",
  "permissions": {
    "domains": ["read", "write"],
    "devices": ["read"],
    "incidents": ["read", "write"],
    "reports": ["read"]
  },
  "expires_at": "2024-04-17T10:30:00Z",
  "ip_restrictions": ["192.168.1.0/24"],
  "metadata": {
    "environment": "production",
    "service": "monitoring-system",
    "owner": "devops-team"
  }
}

Managing API Keys

List API Keys

Bekijk alle API keys voor je account:

GET /api-keys
Authorization: Bearer YOUR_JWT_TOKEN

Response:

{
  "keys": [
    {
      "id": "key_123",
      "name": "Production API Key",
      "type": "organization",
      "created_at": "2024-01-17T08:00:00Z",
      "expires_at": "2024-04-17T08:00:00Z",
      "last_used": "2024-01-17T10:30:00Z",
      "permissions": ["domains:read", "devices:read"],
      "status": "active",
      "usage": {
        "requests_today": 1250,
        "requests_this_month": 25000
      }
    }
  ],
  "pagination": {
    "total": 5,
    "limit": 50,
    "offset": 0
  }
}

Update API Key

Wijzig permissions of instellingen:

PUT /api-keys/key_123
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json

{
  "name": "Updated Production Key",
  "permissions": {
    "domains": ["read", "write"],
    "incidents": ["read", "write"],
    "reports": ["read"]
  },
  "expires_at": "2024-05-17T08:00:00Z"
}

Rotate API Key

Genereer nieuwe secret terwijl dezelfde key ID behouden blijft:

POST /api-keys/key_123/rotate
Authorization: Bearer YOUR_JWT_TOKEN

Response:

{
  "id": "key_123",
  "name": "Production API Key",
  "new_secret": "pulse_abc123def456...",
  "rotated_at": "2024-01-17T11:00:00Z",
  "old_secret_expires_at": "2024-01-18T11:00:00Z"
}

Delete API Key

Verwijder een API key permanent:

DELETE /api-keys/key_123
Authorization: Bearer YOUR_JWT_TOKEN

Permissions System

Available Permissions

Domains

domains:read - Domein status en statistieken bekijken
domains:write - Domeinen aanmaken en bijwerken
domains:delete - Domeinen verwijderen

Devices

devices:read - Device status en metrics bekijken
devices:write - Devices registreren en configureren
devices:delete - Devices verwijderen

Incidents

incidents:read - Incidenten bekijken
incidents:write - Incidenten aanmaken en bijwerken
incidents:delete - Incidenten verwijderen

Services

services:read - Service monitoring bekijken
services:write - Services configureren
services:delete - Services verwijderen

Reports

reports:read - Rapporten genereren en bekijken
reports:write - Custom rapporten aanmaken

Administration

admin:read - Systeem configuratie bekijken
admin:write - Systeem instellingen wijzigen

Permission Presets

Read-Only Access:

{
  "permissions": [
    "domains:read",
    "devices:read",
    "incidents:read",
    "services:read",
    "reports:read"
  ]
}

Monitoring Access:

{
  "permissions": [
    "domains:read",
    "domains:write",
    "devices:read",
    "incidents:read",
    "incidents:write",
    "services:read",
    "services:write"
  ]
}

Full Access:

{
  "permissions": [
    "domains:*",
    "devices:*",
    "incidents:*",
    "services:*",
    "reports:*",
    "admin:read"
  ]
}

Security Features

IP Restrictions

Beperk API key tot specifieke IP ranges:

PUT /api-keys/key_123
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json

{
  "ip_restrictions": [
    "192.168.1.0/24",
    "10.0.0.0/8",
    "203.0.113.5"
  ]
}

Geographic Restrictions

Beperk tot specifieke landen:

{
  "country_restrictions": [
    "NL",
    "BE",
    "DE"
  ],
  "block_tor": true
}

Time-based Restrictions

Beperk tot specifieke uren:

{
  "time_restrictions": {
    "timezone": "Europe/Amsterdam",
    "allowed_hours": ["09:00-17:00"],
    "allowed_days": ["monday", "tuesday", "wednesday", "thursday", "friday"]
  }
}

Monitoring & Analytics

API Key Usage

Bekijk usage statistieken:

GET /api-keys/key_123/usage
Authorization: Bearer YOUR_JWT_TOKEN

Response:

{
  "key_id": "key_123",
  "period": "30d",
  "total_requests": 45000,
  "requests_by_endpoint": {
    "/api/domains": 25000,
    "/api/devices": 12000,
    "/api/incidents": 8000
  },
  "requests_by_method": {
    "GET": 40000,
    "POST": 4000,
    "PUT": 1000
  },
  "error_rate": 0.02,
  "avg_response_time_ms": 145
}

Audit Logs

Bekijk gedetailleerde logs:

GET /api-keys/key_123/logs
Authorization: Bearer YOUR_JWT_TOKEN
Query Parameters:
  - from=2024-01-01T00:00:00Z
  - to=2024-01-17T23:59:59Z
  - limit=100

Response:

{
  "logs": [
    {
      "timestamp": "2024-01-17T10:30:15Z",
      "ip_address": "192.168.1.100",
      "user_agent": "PulseGuard-SDK/1.0",
      "method": "GET",
      "endpoint": "/api/domains",
      "status_code": 200,
      "response_time_ms": 145,
      "request_id": "req_abc123"
    }
  ]
}

Rate Limiting

Rate Limit Tiers

Key Type	Requests/Hour	Requests/Day	Burst Limit
Personal	1,000	10,000	100
Organization	10,000	100,000	1,000
Service Account	50,000	500,000	5,000

Rate Limit Headers

Alle API responses bevatten rate limit headers:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1640995200
X-RateLimit-Retry-After: 3600  // Alleen bij limit overschreden

Handling Rate Limits

Implementeer exponential backoff:

async function apiCall(endpoint, options = {}, retryCount = 0) {
  try {
    const response = await fetch(`https://api.ipulse.one${endpoint}`, {
      headers: {
        'Authorization': `Bearer ${API_KEY}`,
        ...options.headers
      },
      ...options
    });

    if (response.status === 429) {
      const retryAfter = response.headers.get('X-RateLimit-Retry-After');
      const delay = Math.min(1000 * Math.pow(2, retryCount), 30000);

      await new Promise(resolve => setTimeout(resolve, delay));
      return apiCall(endpoint, options, retryCount + 1);
    }

    return response;
  } catch (error) {
    if (retryCount < 3) {
      const delay = 1000 * Math.pow(2, retryCount);
      await new Promise(resolve => setTimeout(resolve, delay));
      return apiCall(endpoint, options, retryCount + 1);
    }
    throw error;
  }
}

Best Practices

Key Management

Regelmatige Rotatie: Roteer keys elke 30-90 dagen
Minimal Permissions: Geef alleen noodzakelijke toegang
Beschrijvende Namen: Gebruik duidelijke namen voor identificatie
Environment Separation: Verschillende keys voor dev/staging/prod

Security

Veilige Opslag: Bewaar keys in environment variables
Nooit Hardcoden: Niet in broncode committen
Monitor Usage: Controleer regelmatig op verdachte activiteit
Immediate Revocation: Trek toegang in bij security incidents

Monitoring

Usage Alerts: Stel alerts in voor ongebruikelijke activiteit
Regular Audits: Controleer permissions regelmatig
Log Analysis: Monitor API logs voor anomalies
Performance Tracking: Houd response times in de gaten

Troubleshooting

Common Issues

“API Key not found”

Controleer of de key correct gespeld is
Verificeer dat de key niet verlopen is
Check of de key niet gedeactiveerd is

Rate Limit Exceeded

Implementeer backoff strategie
Controleer je usage patterns
Upgrade naar hoger plan indien nodig

Permission Denied

Controleer key permissions
Update permissions indien nodig
Verificeer dat je de juiste key gebruikt

IP Address Blocked

Controleer IP restrictions
Update allowed IPs indien nodig
Gebruik VPN als tijdelijke oplossing

Debug Commands

Key Status Controleren:

curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "https://api.ipulse.one/api-keys"

Key Permissions Bekijken:

curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "https://api.ipulse.one/api-keys/key_123"

Usage Statistieken:

curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "https://api.ipulse.one/api-keys/key_123/usage"

Migration Guide

Upgrading from v1 to v2

Backup Current Keys

curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "https://api.ipulse.one/api-keys" > backup.json

Create New Keys with v2 Permissions

curl -X POST "https://api.ipulse.one/api-keys" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "v2 Key", "permissions": ["domains:*", "devices:*"]}'

Update Applications
- Replace old keys with new ones
- Update permission checks in code
- Test all integrations

Deactivate Old Keys

curl -X DELETE "https://api.ipulse.one/api-keys/old_key_id" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Introduction

Getting Started

Monitoring

Features

API

API Reference

MCP Integration

​API Keys Management

​Overzicht

​API Key Types

​Personal API Keys

​Organization API Keys

​Service Account Keys

​Creating API Keys

​Via Dashboard

​Via API

​Managing API Keys

​List API Keys

​Update API Key

​Rotate API Key

​Delete API Key

​Permissions System

​Available Permissions

​Domains

​Devices

​Incidents

​Services

​Reports

​Administration

​Permission Presets

​Security Features

​IP Restrictions

​Geographic Restrictions

​Time-based Restrictions

​Monitoring & Analytics

​API Key Usage

​Audit Logs

​Rate Limiting

​Rate Limit Tiers

​Rate Limit Headers

​Handling Rate Limits

​Best Practices

​Key Management

​Security

​Monitoring

​Troubleshooting

​Common Issues

​Debug Commands

​Migration Guide

​Upgrading from v1 to v2

​Support

​Getting Help

​Enterprise Support

API Keys Management

Overzicht

API Key Types

Personal API Keys

Organization API Keys

Service Account Keys

Creating API Keys

Via Dashboard

Via API

Managing API Keys

List API Keys

Update API Key

Rotate API Key

Delete API Key

Permissions System

Available Permissions

Domains

Devices

Incidents

Services

Reports

Administration

Permission Presets

Security Features

IP Restrictions

Geographic Restrictions

Time-based Restrictions

Monitoring & Analytics

API Key Usage

Audit Logs

Rate Limiting

Rate Limit Tiers

Rate Limit Headers

Handling Rate Limits

Best Practices

Key Management

Security

Monitoring

Troubleshooting

Common Issues

Debug Commands

Migration Guide

Upgrading from v1 to v2

Support

Getting Help

Enterprise Support