Files
notifications-admin/app/templates/views/api-keys.html
Chris Hill-Scott 9784a9936c Add pages for create/view/revoke API keys
Copying what they’ve done on GOV.UK Pay, we should let users:
- generate as many keys as they want
- only see the key at time of creation
- give keys a name
- revoke any key at any time (this should be a one way operation)

And based on discussions with @minglis and @servingUpAces, the keys should be
used in conjunction with some kind of service ID, which gets encrypted with the
key. In other words the secret itself never gets sent over the wire.

This commit adds the UI (but not the underlying API integration) for doing the
above.
2016-01-20 16:22:23 +00:00

62 lines
1.6 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{% extends "withnav_template.html" %}
{% from "components/table.html" import list_table, field, hidden_field_heading %}
{% block page_title %}
GOV.UK Notify | API keys and documentation
{% endblock %}
{% block maincolumn_content %}
<h1 class="heading-xlarge">
API keys
</h1>
<p>
To connect to the API you will need to send your service ID, encrypted with
an API key. The API key stays secret.
</p>
<p>
There are client libraries for several languages which manage this for
you. See
<a href="{{ url_for(".documentation", service_id=service_id) }}">the
developer documentation</a> for more information.
</p>
<h2 class="api-key-name">
Service ID
</h2>
<p class="api-key-key">
{{ service_id }}
</p>
{% call(item) list_table(
keys,
empty_message="You havent created any API keys yet",
caption="API keys",
caption_visible=False,
field_headings=['Key name', 'Created at', hidden_field_heading('Action')]
) %}
{% call field() %}
{{ item.name }}
{% endcall %}
{% call field() %}
{{ item.last_used }}
{% endcall %}
{% if item.revoked %}
{% call field(align='right', status='default') %}
Revoked {{ item.revoked }}
{% endcall %}
{% else %}
{% call field(align='right', status='error') %}
<a href='{{ url_for('.revoke_api_key', service_id=123, key_id=item.id) }}'>Revoke</a>
{% endcall %}
{% endif %}
{% endcall %}
<p>
<a href="{{ url_for('.create_api_key', service_id=service_id) }}">Create a new API key</a>
</p>
{% endblock %}