Create access keys for device groups

You can create access keys in the device groups of organizations in 10Duke SysAdmin.

When creating an access key, you generate the credentials that the client application uses to get authorization for license consumption from 10Duke Enterprise.

The access key contains an authorization header in the following format, with the username and password in Base64-encoded format:

Authorization: 10DukeBasic username:password

For example:

10DukeBasic a3Y4TGFhMjRSbGoyOG92OEVBV0FYZDVlMDJUcXpoOXc6ekpZUXBPXzAqJS96V3A3WTh3c1JNeyZdYiFNfXQmTWA=

You define the username (the access key identifier) and the password when creating an access key.

Limitations

• You can delete access keys if needed, but you cannot edit them.

• Apart from the access key’s name, you cannot view an access key’s information after you have created it and closed the dialog.

  The access key’s name is by default the same as the username you define for it. If you keep the default name, you will have access to the username later.

View access keys in an organization’s device group

1. In the left sidebar, go to IDENTITY > Organizations.

2. In the organization table, select the organization and select Actions > Manage device groups.

   The organization’s device group table opens.

3. In the table, select the device group. The details open below the table.

4. Go to the Access key(s) tab.

   The tab shows the names of the access keys in this device group.

Create an access key

Create at least one access key in a device group.

To create an access key:

1. Go to the device group’s Access key(s) tab as described above.

2. Select Actions > Create access key. A dialog opens.

3. In Access key name, edit the name of the access key if needed.

4. Copy the three generated (non-editable) values from the dialog.

   Note: You won’t be able to view these values after saving and closing.

   • Access key identifier: The username for the authorization header.

   • Access key password: The password for the authorization header.

   • Authorization request header key/value pair: The authorization header containing the Base64-encoded username and password.

   Copy each field individually, or click Copy all details to clipboard to copy all three at the same time.

5. Click Save to create the access key.

Next steps:

• Authorize the device group to consume the organization’s licenses as needed.

Delete an access key

You can delete access keys from a device group.

Caution: Deleting an access key removes access to licenses from those devices that use the access key. If the access key is embedded in the devices and cannot be replaced, access is lost permanently.

Instead of deleting access keys, you also have the option of removing authorization from the (whole) device group to consume licenses.

To delete an access key:

1. Go to the device group’s Access key(s) tab as described above.

2. Select the access keys you want to delete and select Actions > Remove access key(s).

3. Click OK to confirm the deletion.

The changes take effect immediately.

If a client application on a device is currently consuming a license using the access key you deleted, the application is able to continue consuming the license until the license lease expires or the application tries to refresh the lease, whichever comes first.