Using API Keys when automating tasks

An Application Programming Interface (API) key is a unique identifier used to identify and authenticate an application or user. Simply put, an API helps software programs connect and communicate with one another. An API key is a cryptographic key in a hash-based method authentication code (HMAC). When used to sign requests for service-to-service authentication, the key ensures that important parts of requests for service-to-service authentication did not change.

An API key can be an Internal or External API key.

Internal and external API keys

Generate an Internal or External API key when requested to do so. A Verint representative or a third-party developer may request an API key. These users request API keys when developing or using an application or service that calls an API, as described in the Verint SDK.

In a multi-tenant enabled (cloud) environment, a Service Provider Administrator (SPA) must not create an Internal or External key and share it with a tenant. Each tenant should generate their own Internal or External keys. Use caution when providing Internal or External keys to users. Internal and External keys have access to all supported APIs. A user of an Internal or External key can access the entire system.

  • An internal API key is used for Verint software intercommunication when Verint software is running on a mix of Verint and non-Verint infrastructure. A common example is Verint client software that runs on the desktop computer of an agent and communicates to Verint servers. The Verint servers can be hosted on the customer environment or in the Verint cloud.

  • An external API key allows published APIs to access product components and services. External keys are used by third parties to use Verint Workforce Engagement services. An External key is also used by integrators and customers who want to use the APIs to use Verint services programmatically for integration or automation.

In a multi-tenant enabled (cloud) environment, users can only view and work with the internal or external API keys created for the tenant organization to which they belong.

If you are logged in as a user and create an internal or external API key, the API key is automatically associated to the tenant organization to which you belong.

API key expiry and rotation Specific repeating sequence of work patterns in WFM assigned to employees. Rotations override work patterns.

To enhance security and comply with PCI 4.x requirements, the system supports key expiry and the automatic rotation of keys. This approach makes it easier to manage API keys securely and efficiently.

API Key expiry and rotation is currently being rolled out to cloud customers. It may not be available in your site just yet.

Providing an application key to a requester

You provide an API key to a key requester by copying the key from the user interface and pasting it into a text document or email.

Topics 

Related topics 

API Keys screen reference

Generate an API Key

Display an API Key value

Copy an API Key