Generating API Keys

API keys are generated using the Zend Server UI (Administration | Web API Keys). When generating a new key, you must specify a name for this key. This may be a username or a group name, which is used to identify the key and to tell the server which key to use when attempting to authenticate a request.

How do I generate a new WebAPI Key?

Valid key names may be composed only of “token” characters as defined by RFC-2616, with the addition of the whitespace character and the ‘@’ character. This allows all printable US-ASCII characters (ASCII characters 0x20 to 0x7e) with the exception of the following characters:

( ) < > , ; : \ " / [ ] ? = { }

In addition, key names may not begin or end with a whitespace character.

The specific API key also determines the access level granted when using this key.


Zend Server API keys must be kept secret and immediately revoked if there is any chance that they have been compromised.