ric/uptime-kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2025-02-25 21:15:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Added documentation for louislam/uptime-kuma#2558 

Signed-off-by: Matthew Nickson <mnickson@sidingsmedia.com>
Matthew Nickson 2023-02-15 22:18:36 +00:00
parent a64bff6ae5
commit e97fd64eb8
No known key found for this signature in database
GPG key ID: BF229DCFD4748E05
1 changed files with 65 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
APIKeys.md Normal file

@ -0,0 +1,65 @@
# API Keys
API keys can be used to access secured HTTP APIs, including the
Prometheus metrics endpoint.
## Adding an API key
Management of API keys is done through the API Key management page,
accessible from the drop down menu, just below the maintenance link. This
page will show you all of your API keys, including expired keys. The
green button in the top left can be used to add a new key.
You can set the name of the key, as well as it's expiry date, or
optionally set the key to never expire. When you click generate, you
will be shown the API key in a pop up dialog, you should make sure to
make a copy of the key as it will not be shown again. The API key cannot
be used to access the web interface but you should treat API keys like
you treat your passwords as they can still be used to access potentially
sensitive data.
Note: whilst basic authentication will continue to work after you
update, you will be unable to use basic authentication as soon as you
add your first API key. After you have added your first API key, basic
authentication for endpoints will be permanently disabled.
## Disabling keys
It is possible to temporarily disable keys. This can be done through the
management page. This will prevent the key from being used for
authentication until it is enabled again.
## Expired keys
If a key has expired, it will not be automatically deleted. This is to
aid in debugging systems that suddenly stop working. You can delete an
expired key, or any key for that matter, by simply hitting the red
delete button from the management page.
## Authenticating using an API key
Authentication is done by passing the API key in the `Authorization`
header. For example, here is a request made with curl to the `metrics`
endpoint.
```
curl -u":<key>" uptime.kuma/metrics
```
Note, the `:` is required before the key as basic authentication
requires a username and password separated by a `:`, however we don't
make use of the username field.
Here is an example config for Prometheus:
```
- job_name: 'uptime'
scrape_interval: 30s
scheme: http
static_configs:
- targets: ['uptime.url']
basic_auth:
password: <api key>
```
Note: we don't need to set a password field as it is not used.