Old Service Credentials
Objective
This guide provides instructions on how to generate service credentials related to F5 services from the Console. Service credentials can be created by administrator users and these credentials have roles assigned to provide API access to F5 services. While creating service credentials, roles can be specified and these roles are assigned to the created user called as ServiceUser
.
Unlike My Credentials
that inherit the roles of the users, you can assign specific roles to the service user.
Using the instructions provided in this guide, you can create service credentials of type service API token and user it in API requests.
Prerequisites
The following prerequisites apply:
- Note: If you do not have an account, see Create a Account.
- A single-node or multi-node Volterra site in case of application deployment
- Note: If you do not have a site, see Site Management.
Generate Service API Token
Step 1: Start credential creation in VoltConsole.
Log into the Console using your tenant credentials and click on the General
option in the namespace selector. Select IAM
-> Service Credentials
in the configuration menu and click Create service credentials
.
Step 2:Configure name and select credential type.
- Enter a name for your certificate and select
API Token
for theCredential type
field. - Select an expiry date in the
Expiry Date
field.
Step 3:Optionally, assign roles.
- Click
Assign roles and namespaces
to open the namespace and role assignment screen. - Select a namespace in the
Namespace
field. Optionally, selectMake Admin
checkbox to grant the admin role. - Click on
Select role
field and select a role from the displayed choices. You can add more roles using theAdd another role
.
- Click
Add roles
.
Step 4: Generate the credentials and copy it.
- Click
Generate
to generate the service API token.
- Generated service API token gets displayed. Click
Copy
to copy the token and clickDone
. Ensure that you save the copied token for later use.
After generating, you can use it in API request. The following is a sample API request to list service credentials in the shared namespace.
curl -k --request GET https://customer1.demo1.volterra.us/api/web/namespaces/shared/service_credentials \
--header 'Authorization: APIToken dZ1sTUtOA3bG2wfAXZy6/gR6ZW8='
Revoke API Tokens
You can force an API token to be expired before its configured expiry time. Perform the following to revoke API tokens:
Step 1: Navigate to your service credentials and VoltConsole.
Log into the onsole using your tenant credentials and click on the General
option in the namespace selector. Click IAM
-> Service Credentials
.
Step 2: Perform revoke operation for an existing service credential object.
Select the API token for which you want to force expiry and click ...
-> Force Expiry
.
Step 3: Complete revoke operation.
Click Force Expire
in the confirmation window to cause API token expiry.
Note: You can renew or delete an expired credential. Click
...
->Renew
against expired credential from the list of credentials to renew it. Set an expiry date and clickRenew Credential
in the confirmation box. Click...
->Delete
against expired credential from the list of credentials to delete it. ClickDelete
in the confirmation box.