Generating an API key

Generating an API key

Overview

CYPHER Learning’s API allows you to integrate your learning platform with third party tools and systems that help elevate your user’s experience. The CYPHER API is the intermediary between the features of the learning platform and your website or software. The API allows you to share data and trigger events that provide nearly endless automation possibilities.

API Versions

CYPHER Learning currently supports two API instances: versions 1.0 and 3.0. 

InfoNOTE: API 1.0 will be supported until full parity with API 3.0 is achieved. For more information contact your Account Executive.

The platform's API uses modern best practices which supports the Open API 3.0 specification and works with popular API invocation tools, such as Postman. The API follows the REST (Representational State Transfer) principles and is based on the following principles:

  • Use GET for accessing items
  • Use POST for adding and updating items
  • Support an 'include' feature to include associated items
  • Support a 'batch' feature to run multiple requests in a single call
  • Rate limiting for server protection
  • Support pagination of small datasets using $offset, with the option to include $order
  • Support fast pagination of large datasets using $after
  • Support $limit to specify the max number of items returned in a list operation
  • Support $include to include related items in the returned values
  • Support $ref to reference related items in a request or response
For more details on using either API version:
  1. API 1.0 (Legacy): Visit the API 1.0 (Legacy) knowledge base article.
  2. API 3.0: Visit the API 3.0 knowledge base article.

How to create and configure an API key

By default, API access to your site is disabled. To enable API, you must first install the API app. To install the API app:
  1. Click Admin from the primary navigation menu.
  2. Click App center from the fly-out menu.

Admin menu active with App center highlighted

The App center displays.
  1. Search for API in the search field.
  2. Click Install on the API app you plan to use.
    1. API 3.0 is recommended.

App center with API entered and highlighted in the Search Phrase fields and the Install button highlighted on the API 3.0 app tile

Generating an API key

An API key is a unique, secret token used to authenticate requests to an API and identify the calling application. It enables the service to authorize access, track usage, and enforce rate limits or billing.

Only Super administrators can create API keys on the learning platform. They have the ability to edit, delete, and add API keys as needed. In addition, each API key can have an optional expiry date, restricted set of IPs, and/or a restricted set of operations, allowing for the creation of different keys for different situations.

To create a new API key, super administrators:

  1. Click Admin from the primary navigation menu.
  2. Click API from the fly-out menu.
  3. Click Add.

Admin, API keys page with the Add button highlighted

The Add pop-up displays.
  1. Enter a Name for the API key.
  2. Select the API Version you wish to use.
  3. Click Save.

Add pop-up with an API key name and version 3.0 selected

When an API key is created, it is not enabled and has no restrictions. To enable the API key:
  1. Click the Enabled checkbox.
Admin, API keys page with the Enabled checkbox highlighted for an API key

Viewing and configuring an API key

To view and configure an API key:
  1. Click the API key name.

Admin, API keys page with an API key name highlighted

The API key page displays, and includes the API key Name and Secret key. If you would like to rename the key:
  1. Click Rename.

Admin, specific API key page with the Rename button highlighted

The Edit pop-up displays.
  1. Type the new name for the API key.
  2. Click Save.

The Edit pop-up with a new API key name entered

You can also regenerate a new secret key. To create a new key:
  1. Click Regenerate key.
    1. Note that this invalidates the previously used secret key.

Admin, specific API key page with the Regenerate key button highlighted

By default, the super administrator who created the key is listed in the Execute as field. To change the user listed in the Execute as field:
  1. Click Change User.

Admin, specific API key page with the Change User button highlighted

The Select users pop-up displays.
  1. Select a user.
  2. Click Select.

Select users pop-up with a user selected

You can add restrictions to the API key, such as specifying an expiration date, only allowing certain IPs, and editing the scope of the API calls. To set restrictions for the API key:
  1. Click Edit in the Restrictions section.

Admin, specific API key page with the Edit button highlighted in the Restrictions section

The Edit page displays.

By default, the API key never expires. To add an expiration date to the API key:
  1. Select the At specified date radio button under the Expires setting.
  2. Click the Calendar Calendar icon icon to select a date when the API key will expire. 

Admin, API key, Edit page with the Expires section highlighted and At specified date radio button selected

The Edit page also allows you to restrict access to specific IP address. By default, all IPs are allowed. To only allow certain IPs:
  1. Click the Specified radio button under the Allow IPs setting.
  2. Enter an IP address.
  3. Click add.
    1. Note that you can add as many IPs as needed.

Admin, API key, Edit page with the Allow IPs section highlighted and Specified radio button selected

You can also restrict the set of operations of the API key by defining its scope. By default, all HTTP Verbs are included in the key configuration. To restrict the API key to specific verbs:
  1. Click the Specified radio button under the HTTP Verbs setting.
  2. Only select the verbs you would want to allow for the API key.

Admin, API key, Edit page with the HTTP Verbs section highlighted and Specified radio button selected

You can further limit the scope of the API key by specifying which endpoints it can access. By default, an API key has access to all endpoints. To restrict access to specific endpoints: 
  1. Click the Specified radio button for the Endpoint setting.
  2. Select the endpoints you would like to enable for the API key.

Admin, API key, Edit page with the Endpoints section highlighted and Specified radio button selected

Once you have configured the API key:
  1. Click Save
Admin, API key, Edit page with HTTP Verb restrictions added and the Save button highlighted

The API key is updated and the selected restrictions are displayed in the Restrictions section.

Admin, specific API key page with HTTP Verb restrictions added

Administrator view

Administrators can see a list of the available API keys, but cannot add, edit or delete them.

To request a new API key or for modifications to be made to existing API keys, administrators must contact the Super administrator of their platform.

To view a list of available API Keys, administrators:

  1. Click Admin from the primary navigation menu.
  2. Click API from the fly-out menu.
Admin menu active with API highlighted

The list of available API keys display, along with their API version number, the date they were created, their expiration date, the number of associated calls, and the number of associated errors.

  1. To see more information about a specific API key, click the API key name.

The API key displays, along with restriction and statistic details. Note that the secret key is masked.
  1. Administrators must contact their Super administrator for the secret key.


    • Related Articles

    • Best practices for administrators

      Overview The following are recommended best practices for new administrators. Choose a short URL Keep your URL short—ideally fewer than 10 characters. For example, if your company is called 'The Academy of Digital Photography,' a URL like 'ADP' is ...

    • Profile settings for administrators

      Overview Every user has a profile page that includes various information such as their basic info, their account details, their friends, photos, social media links, and more. The information that is visible depends on the user's role and the portal's ...

    • Zapier

      Overview Zapier is a popular, easy-to-use service that lets you to integrate more than 1,500 apps using a point-and-click interface - no programming required. The CYPHER Learning app on Zapier allows you to connect your portal with these apps to ...

    • E-commerce

      Overview E-commerce allows you to sell your learning products online. By enabling e-commerce, you can turn your platform into a digital storefront! Visitors and users can browse your course catalog, add courses to their shopping cart, and then pay ...

    • MailChimp

      Overview The Mailchimp integration gives administrators an end-to-end email integration for email marketing and customized Learner email messages. Administrators can import Mailchimp contacts into the portal, and they can export user lists from their ...