Access Key Management
Overview
The Descope service supports access to an application utilizing the Descope authentication service via Access Keys. These keys are similar to API keys and allow for administrators to authenticate into their application using the Access Key. These access keys can late be exchanged for a session JWT. The Descope service offers API endpoints for managing Access Keys.
Use Cases
- Load An Access Key
- Search Access Keys
- Create Access Key
- Update Access Key
- Activate Access Key
- Deactivate Access Key
- Activate Access Keys in Batch
- Deactivate Access Keys in Batch
- Delete Access Keys In Batch
- Delete Access Key
Examples
Example - Create an access key and exchange it for a JWT
- Utilize the Create Access Key Endpoint and capture the generated key from the
cleartextin the response. - Utilize the generated key within the Exchange Access Key Endpoint to exchange the key for a JWT.
Example - Search and deactivate an access key
- Utilize the Search Access Keys Endpoint and review the response for the key you would like to deactivate
- Utilize the Deactivate Access Key Endpoint using the access key Id from step 1.
Import User Passkeys POST
Import passkey credentials for a user, using a valid management key.
Load An Access Key GET
### Load an access key, using a valid management key. This API endpoint allows administrators to load the details of an existing access key. The response contains details of the access key including associated roles and tenants as well as details of the key's creation, status, and expiration. ### Next Steps Once you have this data, you can utilize the response to [Update an access key](/api/management/access-keys/update-access-key), [Activate an access key](/api/management/access-keys/activate-access-key), [Deactivate an access key](/api/management/access-keys/deactivate-access-key), or [Delete an access key](/api/management/access-keys/delete-access-key). ### See also - See [Access Key Management](/access-keys) for further details on managing access keys.