Guide
TrainingSupportCommunity

Use the API to generate and retrieve EdgeKV access tokens

Suggest Edits

You can use the administrative API to generate, list, and retrieve access tokens created for EdgeKV.

Review the Generate and retrieve EdgeKV access tokens section for information about how access tokens work, how to create them, and the fields that need to be specified.

For information about these request and response examples refer to the EdgeKV API documentation.

Generate an EdgeKV access token

Follow these steps to use the API to generate an access token for EdgeKV.

To retrieve an access token after it has been created, refer to the Retrieve a single EdgeKV access token instructions.

You can use the JSON response from to update your edgekv_tokens.js file.
You do not need to store this response. Responses are securely stored by Akamai and can be retrieved later.

  1. To generate a new EdgeKV Access Token for a specific namespace use the POST verb and the /tokens endpoint. This is a sample of the request syntax:
POST /edgekv/v1/tokens
Content-Type: application/json Request body:
{
    "name": "<token name>",
    "allowOnProduction": "true | false",
    "allowOnStaging": "true | false",
    "namespacePermissions": {
        "default": [
            "r",
            "w",
            "d"
        ]
    }
}
  1. Based on the template above, here is a sample request to create a token for the default namespace with read/write/delete permissions:
http --print=hbHB --auth-type edgegrid -a default: POST :/edgekv/v1/tokens name=my_token allowOnStaging=true allowOnProduction=true namespacePermissions:='{"default":["r","w", "d"]}'
  1. Here is an example of the API response:
HTTP/1.1 200 OK
Content-Type: application/json
{
  "allowOnProduction": true,
  "allowOnStaging": false,
  "cpcode": "1234567",
  "expiry": "2021-09-30",
  "issueDate": "2022-04-30",
  "name": "my_token",
  "namespacePermissions": {
    "default": [
      "r",
      "w",
      "d"
    ],
    "marketing": [
      "r"
    ]
  },
  "nextScheduledRefreshDate": "2022-06-30",
  "restrictToEdgeWorkerIds": [
    "1234",
    "5678"
  ],
  "tokenActivationStatus": "IN_PROGRESS",
  "uuid": "fa3a7ae0-xxxx-xxxx-xxxx-f0638c6b7466"
}

You can use the JSON response from the above command in your edgekv_tokens.js file. You do not need to store this response. It will be securely stored by Akamai and can be retrieved later.

👍

You should make sure to write down the token name, as it will not be shown again.

List all EdgeKV access tokens

Follow these steps to use the API to list access tokens previously created for EdgeKV.

To include expired tokens in the response add the optional includeExpired=true parameter to the request body.

  1. To get a list of EdgeKV access tokens that you have permission to view from your account, use the GET verb and the tokens endpoint:
GET /edgekv/v1/tokens?includeExpired=true
  1. Here is a sample request to list the EdgeKV tokens available from your account:
http --print=hbHB --auth-type edgegrid -a default: GET :/edgekv/v1/tokens
  1. Here is an example of the administrative API response:
{
  "tokens": [
    {
      "expiry": "9999-12-31",
      "name": "token1",
      "uuid": "12886ccf-xxxx-xxxx-xxxx-766740ce227e",
      "tokenActivationStatus": "COMPLETE",
      "issueDate": "2022-01-30",
      "latestRefreshDate": "2022-03-30",
      "nextScheduledRefreshDate": "2022-05-30"
    },
    {
      "expiry": "9999-12-31",
      "name": "token2",
      "uuid": "12886ccf-xxxx-xxxx-xxxx-766740ce227f",
      "tokenActivationStatus": "IN_PROGRESS",
      "issueDate": "2022-04-30",
      "latestRefreshDate": null,
      "nextScheduledRefreshDate": "2022-06-30"
    }
  ]
}

Retrieve a single EdgeKV access token

Follow these steps to use the API to retrieve an access token created for EdgeKV.

  1. To retrieve an EdgeKV access token that you have permission to view from your account, use the GET verb and the tokens/{tokenName} endpoint:
GET /edgekv/v1/tokens/{tokenName}
  1. Here is a sample request to retrieve the EdgeKV access token named token1:
http --print=hbHB --auth-type edgegrid -a default: GET :/edgekv/v1/tokens/token1
  1. Here is an example of the administrative API response:
{
  "name": "token1",
  "uuid": "12886ccf-xxxx-xxxx-xxxx-766740ce227e",
  "expiry": "9999-12-31",
  "tokenActivationStatus": "COMPLETE",
  "issueDate": "2022-01-30",
  "latestRefreshDate": "2022-03-30",
  "nextScheduledRefreshDate": "2022-05-30",
  "cpcode": "7654321",
  "restrictToEdgeWorkerIds": [
    "1234",
    "5678"
  ],
  "allowOnProduction": true,
  "allowOnStaging": true,
  "namespacePermissions": {
    "default": [
      "r",
      "w",
      "d"
    ]
  }
}

Refresh an access token

Follow these steps to trigger a manual token refresh instead of waiting for the scheduled automatic token refresh to occur.

  1. Here is a sample request:
POST https\://{hostname}/edgekv/v1/tokens/{tokenName}/refresh

This endpoint does not have a request body.

Example response JSON:

{
  "name": "token1",
  "uuid": "12886ccf-xxxx-xxxx-xxxx-766740ce227e",
  "expiry": "9999-12-31",
  "tokenActivationStatus": "IN_PROGRESS",
  "issueDate": "2022-01-30",
  "latestRefreshDate": "2022-03-30",
  "nextScheduledRefreshDate": "2022-05-30",
  "cpcode": "13243546",
  "restrictToEdgeWorkerIds": [
    "1234",
    "5678"
  ],
  "allowOnProduction": true,
  "allowOnStaging": true,
  "namespacePermissions": {
    "default": [
      "r",
      "w",
      "d"
    ]
  }
}

Updated 4 months ago