“The Fastly API is a RESTful API that supports all features available through the Fastly user interface”
Fastly API
• Customize how you interact with Fastly
• Integrate Fastly with your system
• Programmatically control Fastly
• Do less with Automation
Recap: Fastly API key
• Available to all customers
• One key per customer
• Use by including in Fastly-Key header
Fastly API key limitations
• Key rotation can cause downtime
• Role based access control is not available
• Affects everyone in the organization
API Tokens
• API Tokens are available per user
• Users can create multiple tokens
• Two-factor Authentication
• RBAC / Token Authorization
• Zero downtime token rotation
Scope       Description
api-key     Same access level as an API Key (default)
purge       Purge with surrogate-key and URL
purge_all   Purge an entire service
Creating a token
POST /tokens

    curl -H "Fastly-OTP: 123456" \
         -d "[email protected]&password=$SECRET" \
         -d "name=purge_token" \
         -d "scope=purge" \
         https://api.fastly.com/tokens

    {
      "id": "5YvQH3Rg4bPPkhvPC6WFm2",
      "user_id": "1dZ0KVnlsFXc3ZiW9hsAb3",
      "access_token": "a103bb87a7b4c71ff932f871dd19dabc",
      "service_id": null,
      "name": "Fastly API Token",
      "scope": "api-key",
      "created_at": "2016-06-21T23:04:20+00:00"
    }
Revoking a token
DELETE /tokens/self   Revokes a token used in the request
DELETE /tokens/:id    Revokes a token based on token id
Other features
GET /tokens/self           Get basic information about the token
GET /tokens                List a user’s provisioned tokens
GET /customer/:id/tokens   List all tokens associated with a customer (for superuser)
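
The zero-downtime rotation listed above, written out with the endpoints on these slides as an added example (not Fastly's own code): it creates a replacement token, confirms through GET /tokens/self that it authenticates with the requested scope, and only then revokes the old one. The environment variable names, the `username` form field, and sending a token in the `Fastly-Key` header are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not Fastly's code): rotate a scoped token without downtime.
# Assumes FASTLY_USER, FASTLY_PASSWORD and FASTLY_OTP are set by the caller.
API="https://api.fastly.com"

# Extract one string field from a flat JSON object (avoids a jq dependency).
json_field() {
  sed -n 's/.*"'"$1"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

create_token() {   # $1 = name, $2 = scope; prints the JSON response
  curl -sS -H "Fastly-OTP: $FASTLY_OTP" \
    --data-urlencode "username=$FASTLY_USER" \
    --data-urlencode "password=$FASTLY_PASSWORD" \
    -d "name=$1" -d "scope=$2" "$API/tokens"
}

token_scope() {    # $1 = token; prints the scope GET /tokens/self reports
  curl -sS -H "Fastly-Key: $1" "$API/tokens/self" | json_field scope
}

revoke_self() {    # $1 = token; prints the HTTP status of DELETE /tokens/self
  curl -sS -o /dev/null -w '%{http_code}' -X DELETE \
    -H "Fastly-Key: $1" "$API/tokens/self"
}

# $1 = old token, $2 = name, $3 = required scope; prints the new token.
rotate_token() {
  local resp new scope status
  resp=$(create_token "$2" "$3") || return 1
  new=$(printf '%s\n' "$resp" | json_field access_token)
  [ -n "$new" ] || { echo "token creation failed" >&2; return 1; }
  # Verify before revoking: the new token must authenticate and carry the
  # narrow scope that was requested, not the broader api-key default.
  scope=$(token_scope "$new")
  if [ "$scope" != "$3" ]; then
    echo "new token scope is '$scope', wanted '$3'; old token kept" >&2
    revoke_self "$new" >/dev/null   # do not leave the stray token active
    return 1
  fi
  # Hand $new to its consumers here; only then retire the old credential.
  status=$(revoke_self "$1")
  case "$status" in
    2??) printf '%s\n' "$new" ;;
    *)   echo "revoking old token returned HTTP $status" >&2; return 1 ;;
  esac
}
```

These curl calls put the password and tokens on the command line, where other local users can read them from the process list; on a shared host, supply them through curl's `--config` file instead.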