Client identities (API-keys)

A client identity, or API-key, (formerly known as sdkUser) is an identity that is registered in the ImageVault database. Each client that communicates with ImageVault needs a client identity. The identity consists of a key (user name) and secret (password). For the ImageVault UI and add-on this is managed in the imagevault.client.config file (using the sdkUser node).

In versions before ImageVault 4.4, this identity was an actual user in Episerver. From version 4.4 this is no longer an actual user but instead the identity only resides in the ImageVault database (ClientIdentities table).

The client identity required for the ImageVault components (connectors and clients) is created during setup of ImageVault; the installation program uses the key iv4sdk, you supply the secret.

Managing

All client identities are registered in the ImageVault database, in the ClientIdentities table. Each identity consists of a key (user name) and hashed secret (password).

Adding

To create new identities you can use the PowerShell command Add-IvClientIdentity

Add-IvClientIdentity -Username myuser -Password mypassword -AllowImpersonate $true -SqlServerName dbserver -SqlServerPort 1433 -DatabaseName ivdb -LoginName ivdbuser -LoginPassword ivdbpass

Parameters for Add-IvClientIdentity

  • Username - the key of the client identity
  • Password - the secret of the client identity
  • AllowImpersonate - should be true if the client identity should be able to perform impersonation oauth grants
  • SqlServerName - the name of the SQL server instance
  • SqlServerPort - the port that the SQL server uses, use 0 or omit for the default port
  • DatabaseName - the name of the database
  • LoginName - the login name of the user that should run the scripts (omit to use the current window user)
  • LoginPassword - the password for the login Name (omit if using the current windows user)

Example

Add-IvClientIdentity
    -Username iv4sdk `
    -Password "secretPa$$w0rd" `
    -AllowImpersonate $true `
    -SqlServerName "." `
    -SqlServerPort 0 `
    -DatabaseName "ivinstalltest" `
    -LoginName "ivinstalltest" `
    -LoginPassword "ivinstalltest" `

Information on how to run the PowerShell commandlet and loading the correct PowerShell snap-in can be found in the manual installation instructions.

Removing

To remove a client identity you have to remove the post in the database. After updating the database you need to restart the ImageVault web service for it to take effect.

comments powered by Disqus