Manage User API Keys - Java SDK
On this page
Application users can generate user API keys with the SDK. You can allow devices or services to communicate with Realm on behalf of a user by associating a unique user API key with each device or service.
User API keys are always associated with a user object created by another non-anonymous authentication provider. Each user can associate up to 20 user keys with their account.
Tip
User API keys are not the same as server API keys, which allow a user or service to directly authenticate with Realm using the API Key authentication provider. To learn more about server API keys, see API Key Authentication.
Create a User API Key
To create a new user API key, call the create() or createAsync() methods of a logged in user's apiKeyAuth instance. The user API key will be associated with the logged in user and can be used to interact with Realm on their behalf. You cannot create user API keys for anonymous users.
Warning
Store the API Key Value
The SDK only returns the value of the user API key when you create it. Make
sure to store the key
value securely so that you can use it to log in.
If you lose or do not store the key
value there is no way to recover it.
You will need to create a new user API key.
Look up a User API Key
To get a list of all user API keys associated with the logged in user, call the synchronous fetchAll() method or asynchronous fetchAll() method of a logged in user's ApiKeyAuth instance.
To look up a specific user API key for the logged in user, pass the key's id to the fetch() or fetchAsync() methods of a logged in user's ApiKeyAuth instance.
Enable or Disable a User API Key
Disable a User API Key
To disable a specific user API key without deleting it, pass the key's id to the disable() or disableAsync() methods of a logged in user's ApiKeyAuth instance.
Enable a User API Key
To enable a specific user API key that was previously disabled, pass the key's id to the enable() or enableAsync() methods of a logged in user's ApiKeyAuth instance.
Delete a User API Key
To permanently remove a specific user API key, pass the key's id to the delete() or deleteAsync() methods of a logged in user's ApiKeyAuth instance.