Navigation

Create & Manage User API Keys

Overview

User API keys are generated for specific application users by the client SDKs. You can allow devices or services to communicate with MongoDB Realm on behalf of a user by associating a unique user API key with each device or service.

User API keys are always associated with a user object created by another non-anonymous authentication provider. Each user can associate up to 20 user keys with their account.

Note

User API keys are not the same as server API keys, which allow a user or service to directly authenticate with MongoDB Realm using the API Key authentication provider. To learn more about server API keys, see API Key Authentication.

Create a User API Key

To create a new user API key, call the createApiKey() or createApiKeyAsync() methods of a logged in user’s apiKeyAuth instance. The user API key will be associated with the logged in user and can be used to interact with MongoDB Realm on their behalf. You cannot create user API keys for anonymous users.

user.apiKeyAuth?.createApiKeyAsync("<name-of-the-api-key>") {
   if (it.isSuccess) {
      Log.v(TAG, "Successfully created the API Key: " + it.get().value)
   } else {
      Log.e(TAG, "Error creating API key: ", it.error)
   }
}
user.getApiKeyAuth().createApiKeyAsync("<name-of-the-api-key>", result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully created API key: " + result.get().getValue());
   } else {
      Log.e(TAG, "Error creating API key: " + result.getError());
   }
});

Look up a User API Key

To get a list of all user API keys associated with the logged in user, call the fetchApiKeys() or fetchApiKeysAsync() methods of a logged in user’s apiKeyAuth instance.

user.apiKeyAuth?.fetchAllApiKeys() {
   if (it.isSuccess) {
      Log.v(TAG, "Successfully fetched API keys: " + Arrays.toString(it.get().toTypedArray()))
   } else {
      Log.e(TAG, "Error fetching API keys: " + it.error)
   }
}
user.getApiKeyAuth().fetchAllApiKeys(result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully fetched API keys: " + Arrays.toString(it.get().toTypedArray()));
   } else {
      Log.e(TAG, "Error fetching API keys: " + result.getError());
   }
});

To look up a specific user API key for the logged in user, pass the key’s id to the fetchApiKey or fetchApiKeyAsync methods.

user.apiKeyAuth?.fetchApiKeyAsync(<api-key-id>) {
   if (it.isSuccess) {
      Log.e(TAG, "Successfully fetched API key: " + it.get())
   } else {
      Log.e(TAG, "Error fetching API key: " + it.error)
   }
}
user.getApiKeyAuth().fetchApiKeyAsync(api-key-id>, result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully fetched API key: " + result.get());
   } else {
      Log.e(TAG, "Error fetching API key: " + result.getError());
   }
});

Enable or Disable a User API Key

To disable a specific user API key without deleting it, pass the key’s id to the disableApiKey() or disableApiKeyAsync() methods of a logged in user’s apiKeyAuth instance.

user.apiKeyAuth?.disableApiKeyAsync(<api-key-id>) {
   if (it.isSuccess) {
      Log.v(TAG, "Successfully disabled API Key: " + it.get())
   } else {
      Log.e(TAG, "Error disabling API key: ", it.error)
   }
}
user.getApiKeyAuth().disableApiKeyAsync(<api-key-id>, result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully disabled API key: " + result.get();
   } else {
      Log.e(TAG, "Error disabling API key: " + result.getError());
   }
});

To enable a specific user API key that was previously disabled, pass the key’s id to the enableApiKey() or enableApiKeyAsync() methods of a logged in user’s apiKeyAuth instance.

user.apiKeyAuth?.enableApiKeyAsync(<api-key-id>) {
   if (it.isSuccess) {
      Log.v(TAG, "Successfully enabled API Key: " + it.get())
   } else {
      Log.e(TAG, "Error enabling API key: ", it.error)
   }
}
user.getApiKeyAuth().enableApiKeyAsync(<api-key-id>, result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully enabled API key: " + result.get();
   } else {
      Log.e(TAG, "Error enabling API key: " + result.getError());
   }
});

Delete a User API Key

To permanently remove a specific user API key, pass the key’s id to the deleteApiKey() or deleteApiKeyAsync() methods of a logged in user’s apiKeyAuth instance.

user.apiKeyAuth?.deleteApiKeyAsync(<api-key-id>) {
   if (it.isSuccess) {
      Log.v(TAG, "Successfully deleted API Key: " + it.get())
   } else {
      Log.e(TAG, "Error deleting API key: ", it.error)
   }
}
user.getApiKeyAuth().disableApiKeyAsync(<api-key-id>, result -> {
   if (result.isSuccess()) {
      Log.v(TAG, "Successfully deleted API key: " + result.get();
   } else {
      Log.e(TAG, "Error deleting API key: " + result.getError());
   }
});