Continental Innovates with Rancher and Kubernetes
If you want to access your Rancher clusters, projects, or other objects using external applications, you can do so using the Rancher API. However, before your application can access the API, you must provide the app with a key used to authenticate with Rancher. You can obtain a key using the Rancher UI.
An API key is also required for using Rancher CLI.
API Keys are composed of four components:
Select User Avatar > API & Keys from the User Settings menu in the upper-right.
Click Add Key.
Optional: Enter a description for the API key and select an expiration period or a scope. We recommend setting an expiration date.
The API key won’t be valid after expiration. Shorter expiration periods are more secure.
Available as of v2.4.6
Expiration period will be bound by v3/settings/auth-token-max-ttl-minutes. If it exceeds the max-ttl, API key will be created with max-ttl as the expiration period.
A scope will limit the API key so that it will only work against the Kubernetes API of the specified cluster. If the cluster is configured with an Authorized Cluster Endpoint, you will be able to use a scoped token directly against the cluster’s API without proxying through the Rancher server. See Authorized Cluster Endpoints for more information.
Step Result: Your API Key is created. Your API Endpoint, Access Key, Secret Key, and Bearer Token are displayed.
Use the Bearer Token to authenticate with Rancher CLI.
Copy the information displayed to a secure location. This information is only displayed once, so if you lose your key, you’ll have to make a new one.
If you need to revoke an API key, delete it. You should delete API keys:
To delete an API, select the stale key and click Delete.