Skip to main content

How to Manage Your API Keys (On Premise, SCIM, Public APIs)

Learn how to manage API keys for: On-Premise Synchronization, SCIM Provisioning, or using our Public APIs.

D
Written by Dalia ABEL
Updated over 2 weeks ago

This operation requires the presence of an administrator from your Office 365 tenant.

API keys allow you to securely connect third-party applications or systems to Letsignit without going through the user interface.

1 - Creating an API Key

First, go to the “API” page, accessible from the “Settings” menu:

  • Click on “Create an API Key”:

  • Give your key a name.

  • Select the relevant scope:

    • SCIM (for automatic provisioning from Entra ID) – [more details here]

    • On Premise

    • Public APIs

  • Click on “Create”

  • Make sure to copy the secret key displayed. It will not be available again once the window is closed.

1.1 SCIM API Keys – Specifics

If you select the SCIM scope when creating a key, you can choose whether or not to enable SCIM custom attributes.

  • This option can also be modified later from the API key list, in the key settings:

  • If you create multiple API keys with the SCIM scope, the activation/deactivation of SCIM custom attributes will apply globally to all of them.

1.2 On Premise API Keys – Specifics

If you select the On Premise scope, you’ll be able to:

  • Allow your script to retrieve Letsignit signatures

  • Allow your script to send AD information to Letsignit

These options can also be modified later from the API key list, in the key settings:

2 - Revoking an API Key

For security reasons (compromised key, restricted access, unauthorized user, etc.), you can revoke an API key at any time.

🔐 What does this mean?

Revoking an API key means permanently deactivating it.

Once revoked:

  • The key can no longer be used to authenticate requests.

  • Any request using the key will return an authorization error (typically 401 or 403).

🛠️ How to revoke a key?

  • On the API page, click on the three dots in the “Actions” column next to the API key you want to revoke:

  • Click on “Revoke”

  • Confirm by clicking on “Revoke permanently”

3 - API Key Expiration

Each API key you create is valid for 1 year from the date of creation.

📬 Expiration notification

To avoid service disruption:

  • The global tenant admin will receive an email notification 1 month before the key expires.

  • Make sure to generate a new key in time and update your integrations.

🚫 What happens after expiration?

  • An expired key becomes unusable: any request made with it will be rejected.

  • In the API key list, the key is marked as “Expired” (red status dot).

  • An information message will notify you that the key will be automatically deleted 3 months after its expiration date.

For your development teams who would like documentation on our public APIs, here is the link

Did this answer your question?