This article is primarily for developers who wish to create and manage API keys using cURL commands. If you prefer to create API keys directly from the MediaSilo app, please see Create Your API Key and Secret.
MediaSilo is an API-first company, and our applications consume our own APIs. MediaSilo has a RESTful API which is publicly documented. You can also ask our developers questions on our Discord community.
Introduction
When building an integration or application that consumes another service, programmatic interfaces are the easiest and simplest way to accomplish the task. To prevent the use of credentials, such as username and password or magic link login, API keys are often the solution. MediaSilo provides the ability to create API keys that can be used for these types of workflows. This document will walk you through the process of creating an API key and outline the API key requirements.
How to Create an API Key
Prerequisites / Notes
- You will need a basic understanding of how to make REST style requests against an API; for ease of use we recommend an application such as postman to get you started.
- All API keys are bound to an existing, active user already in the MediaSilo account; this user must already exist and must be an admin before creating the API key.
- If the user the API key is bound to is deactivated, the corresponding API key will no
longer function. - An API key cannot be retrieved once created; it's important to save the response
from the API key creation request.
Getting an Access Token
You will need an active access token to authorize the API key creation request. To obtain this key you will need to log in to the MediaSilo application with the same user you want to create the API key for.
1. Once you are logged in to MediaSilo, open the developer tools for your browser. How to do this will vary based on OS and browser; here are instructions for the Chrome browser.
2. In the developer panel, navigate to the ‘Application’ tab.
3. On the left hand side you will see a section called ‘Storage’; under that is a section for ‘Cookies.’ Twirl this down and you should see the MediaSilo url, either ‘https://app.shift.io’ or ‘https://app.mediasilo.com.’ Select the one that you have from the mentioned list.
4. Once selected, you will see a list of cookies appear on the right, you can search for the cookie with name ‘accessToken’ which will filter to the correct cookie.
5. The data in the ‘Value’ column is the active access token you will need to make the API key creation request. Copy the value and save it. Please remember that this token only lasts for 20 minutes and will be truncated in the UI. Make sure to copy the entire token.
Getting Your Account Hostname
The other value you will need to make the API key create request is your account hostname. Unfortunately, this value is not visible in the UI but can be obtained in the account API request made by the MediaSilo application.
1. Once you are logged in to MediaSilo, open the developer tools for your browser. How to do this will vary based on OS and browser; here are instructions for the Chrome browser.
2. In the developer panel navigate to the ‘Network’ tab.
3. Once the ‘Network’ panel is open and selected, refresh the MediaSilo application. Once the application loads, enter ‘account’ in the search/filter box for the ‘Network’ panel. This will show the account API requests made by the MediaSilo application.
4. Select the second one that is listed as ‘xhr’ in the ‘Type’ column; this will open the API request details on the right. Then, select ‘Preview’ on the right to see the JSON response from the account API request.
5. The user may have access to more than one account; make sure to twirl down to the correct account that you want to create the API key for. Once the correct account is twirled down, look for the key ‘host’ and copy and paste its value. This will be the hostname value you need for the API key creation request.
Creating Your API Key
Now that you have an active access token and your corresponding account hostname, you can create your API key. Below is an example CURL request that will generate the API key. Make sure to swap out all values contained in {} brackets:
curl --location --request POST 'https://api.shift.io/v3/apikeys' \ --header 'MediaSiloHostContext: {HOSTNAME}’ \ --header 'Authorization: Bearer {ACCESS_TOKEN}' \ --data '{ "name":"{API_KEY_NAME}", "description":"{API_KEY_DESCRIPTION}" }' |
The response from this API request will look like the following:
{ "key": "API_KEY_KEY", "secret": "API_KEY_SECRET", "name": "API_KEY_NAME", "description": "API_KEY_DESCRIPTION", "dateCreated": null, "lastUsed": null } |
Next Steps
Now that you have your API key, you can get started using the API. Documentation for the MediaSilo API can be found here: https://docs.shift.io/docs/getting-started/.
Managing Your API Keys
Each user may have more than one API key. You may also have the need to rotate your keys. Once an API key is created, you can no longer retrieve the secret, but the requests below will allow you to see and delete existing keys. This will help you manage your keys and handle workflows such as API key rotation.
Get API Keys
API key GET request:
curl --location --request GET 'https://api.shift.io/v3/apikeys' \ --header 'MediaSiloHostContext: {HOSTNAME}’ \ --header 'Authorization: Bearer {ACCESS_TOKEN}'' |
API response:
[ { "key": "b5ce9976", "secret": "*******", "name": "api-test-01", "description": "", "dateCreated": 1710259533313, "lastUsed": 0 }, { "key": "52b77c48", "secret": "*******", "name": "api-test-02", "description": "", "dateCreated": 1710258749869, "lastUsed": 0 } ] |
Delete API Keys
API key DELETE request:
curl --location --request DELETE 'https://api.shift.io/v3/apikeys/{API_KEY}' \ --header 'MediaSiloHostContext: {HOSTNAME}’ \ --header 'Authorization: Bearer {ACCESS_TOKEN}'' |