| Overview
The API Management page provides administrators and authorized support users with secure access to the API subscription keys required for integrating external applications with the 75F platform. It serves as a centralized location for viewing, copying, and managing authentication keys for the available APIs.
The feature simplifies API consumption by exposing separate subscription keys for different API categories while maintaining secure access control through user permissions.
| Accessing API Management
To access the API Management page:
- Navigate to Building Options.
- Select API Management from the left navigation panel.
- Click the API keys section.
The API Keys section is displayed.
The page organizes API credentials into multiple API groups:
- Read API
- Write API
- Special Schedule API
Selecting an API tab displays the corresponding subscription keys:
- Primary Key
Each key can be:
- Displayed or hidden using the Eye icon.
- Copied directly to the clipboard using the Copy icon.
Additional expandable sections include:
| API Usage
The API Usage section provides a consolidated view of API consumption across the selected date range. It enables administrators to monitor API activity, review usage metrics, and understand overall API utilization for the site.
The section includes a date range selector for filtering API activity and a usage summary that categorizes API requests by API type.
| API Trial
The API Trial section provides an embedded interactive API documentation interface powered by Swagger (OpenAPI Specification 3.0). It enables developers and integrators to explore the available APIs, review request and response schemas, and test API endpoints directly from the Facilisight portal without requiring external API tools.
This feature serves as a built-in developer portal, allowing users to validate API functionality before integrating with external applications.
For a L1 integrator, the subscription keys are prefilled. So in the trial sections, users can just click Try It Out to use the APIs, as shown below.
| API Keys
Primary Key
The Primary Key is the default authentication key used by external applications to authenticate API requests.
Key Visibility
Subscription keys are masked by default for security.
Selecting the Eye icon reveals the complete key.
Selecting the icon again hides the key.
This prevents accidental exposure while still allowing authorized users to verify the key when required.
Copying API Keys
The Copy icon allows users to copy the selected subscription key directly to the clipboard.
Copied keys can then be used in:
- Postman
- REST clients
- Integration middleware
- Custom applications
- Automation scripts
This eliminates manual typing and reduces authentication errors.
| User Permissions
API subscription keys are only visible to users with appropriate permissions.
Support users possessing the L3 integrator certification level are able to:
- View API keys
- Reveal hidden keys
- Copy keys
- Run Trails
Users without L3 integrator certification permissions will not have access to these credentials.
| APIM Add-on Flow
The APIM Add-on Flow illustrates the complete lifecycle of enabling, accessing, and consuming the API Management (APIM) feature within the FacilitySight platform. Since APIM is offered as an optional add-on, it must first be enabled by a Billing Administrator before users can access its capabilities. The flow also demonstrates how role-based permissions and certification levels (L1, L2, L3) determine who can create APIs, manage subscription keys, and integrate external applications.
Once enabled, L3-certified users can generate and manage subscription keys, which are used to authenticate external API requests securely. These keys may be shared with L1/L2 users for approved integrations, while API consumption is continuously tracked for reporting and billing purposes. This workflow ensures secure access control, controlled API distribution, and transparent usage-based billing across the organization.
| Capabilities
The API Management feature enables administrators to:
- Manage API subscription credentials from a single location.
- Access dedicated authentication keys for different API categories.
- Reveal or hide API keys for secure viewing.
- Copy subscription keys for immediate use.
- Maintain two interchangeable authentication keys for each API.
- Rotate API credentials with minimal service interruption.
- Support secure integrations with external applications.
| Advantages
Secure Authentication
API keys remain hidden until explicitly revealed, reducing accidental exposure.
Simplified Integration
Users can quickly copy authentication keys into API clients without manually entering lengthy credentials.
Enterprise Standard
The implementation aligns with common enterprise API management practices by exposing two interchangeable subscription keys rather than a single credential.
Better Operational Management
Separating APIs into logical categories (Read, Write, and Special Schedule) makes credential management easier and improves organization for integration teams.
| UI Components
| Component | Description |
|---|---|
| Read API | Displays subscription keys for read-only API operations. |
| Write API | Displays subscription keys for APIs that modify data. |
| Special Schedule API | Displays authentication keys for schedule-related API operations. |
| Primary Key | Default subscription key used for authentication. |
| Show/Hide Icon | Reveals or masks the API key. |
| Copy Icon | Copies the selected API key to the clipboard. |
| API Usage | Displays API usage information (when available). |
| API Trial | Displays trial information for API access. |
| Best Practices
- Keep API subscription keys confidential and avoid sharing them publicly.
- Rotate API keys periodically as part of your organization's security policy.
- Store copied keys securely using a credential manager or secure secrets vault.
- Grant API Management access only to authorized administrative or support users.
Comments
0 comments
Please sign in to leave a comment.