Authentication

Authentication credentials for the majority of our API use a hash-based message authentication code or HMAC-SHA-256 created through an API client. Each member of your team use their own client set up locally to prevent accidental exposure of credentials.

If you're using the NetStorage Usage commands, you also need to create NetStorage auth.

API clients

There are different types of API clients that grant access based on your need, role, or how many accounts you manage.

Create a basic API client

1. Navigate to the Identity and Access Management section of Akamai Control Center and click Create API Client.

2. Click Quick and then Download in the Credentials section.

3. Open the downloaded file with a text editor and add [default] as a header above all text.

   Shell

   [default]
   client_secret = C113nt53KR3TN6N90yVuAgICxIRwsObLi0E67/N8eRN=
   host = akab-h05tnam3wl42son7nktnlnnx-kbob3i3v.luna.akamaiapis.net
   access_token = akab-acc35t0k3nodujqunph3w7hzp7-gtm6ij
   client_token = akab-c113ntt0k3n4qtari252bfxxbsl-yvsdj
   

If you choose to place your resource file in any other location or use a different heading:

• Add the -EdgeRCFile parameter in the commands and provide the path to its location,
• Use the -Section parameter and provide a value.

Alternatively, you can use your credentials as environment variables.

NetStorage

NetStorage usage functions don't use your API client's Edge credentials. Instead, you use your HTTP API key in combination with other storage identifiers.

Each upload account requires its own set of credentials, and just like your Edge resource file, the NetStorage one is set up in sections.

Use the New-NetstorageAuth command with your upload account's ID to create a new NetStorage auth file or update an existing one with a new set.

Default location for a new .nsrc at your root directory. To place the file in a different location, use the -OutputDirectory parameter with a path to the location.

# Default 
$ New-NetstorageAuth -UploadAccountID my-upload-account-id

# Designated location
$ New-NetstorageAuth -UploadAccountID my-upload-account-id -OutputDirectory "~/projects/akamai/netstorage"

Switch accounts

When you're working with more than one account, move between them using an account switch key with an API client enabled to manage multiple accounts.

Use your account's ID or name to get your available switch keys and then add the key to either your .edgerc or use the -AccountSwitchKey parameter when calling your function.

Get-AccountSwitchkey -Search "my account name"    

accountSwitchKey      accountName
-------------------   -----------
A-CCT1234:A-CCT5432   Main Street Corporation
A-CCT1234:A-CCT6789   High Street Company

Environment variables

As an alternative way to pass commonly used or globally used Akamai key-value pairs, you can set up and use environment variables.

We support environment variables for credentials and body size.

To use environment variables, format your statement with the export command followed by the variable and value as the argument. While the environment variable names are in all caps and are case sensitive, the -Section parameter value is not.

When using multiple API clients, add in the section header in all caps after AKAMAI_. For example, if you've got a papi section in your .edgerc file, you'd add in PAPI.