Import existing consumer keys and secrets

This page applies to Apigee and Apigee hybrid.

View Apigee Edge documentation.

Apigee automatically generates consumer keys and consumer secrets when you create developer apps and associate them with API products. (Those procedures are covered in Controlling access to your APIs by registering apps.) However, you may have existing consumer keys and secrets that you want to import into Apigee from another system. Technically, this process isn't an import. It's recreating the existing keys in Apigee one at a time.

Consumer key (API key) size	2 KB
Consumer secret size	2 KB

1. Create the consumer keys and secrets using the Apigee API.
   See the create a consumer key and secret API. Here's the curl:
   

   curl https://apigee.googleapis.com/v1/organizations/{org}/developers/{developer_email}/apps/{app_name}/keys \
     -X POST \
     -H "Authorization: Bearer $TOKEN" \
     -H 'Content-type:application/json' \
     -d \
       '{
         "consumerKey": "key",
         "consumerSecret": "secret",
         "expiresInSeconds": "180"
       }'

   Where $TOKEN is set to your OAuth 2.0 access token, as described in Obtaining an OAuth 2.0 access token. For information about the curl options used in this example, see Using curl. For a description of the environment variables used, see Setting environment variables for Apigee API requests.

   For a description of the fields that you can provide in the request body, see Resource: DeveloperAppKey.

2. Associate the consumer key/secret with one or more Apigee API products. Doing this allows the imported consumer key (also called the API key) to be used in calls to API proxies where authorization is controlled by products.
   See the ReplaceDeveloperAppKey API. Here's the curl:

   curl https://apigee.googleapis.com/v1/organizations/{org}/developers/{developer_email}/apps/{app_name}/keys/{key} \
     -X POST \
     -H "Authorization: Bearer $TOKEN" \
     -H 'Content-type:application/json' \
     -d \
       '{
         "apiProducts": ["product_1", "product_2"]
       }'

   Where $TOKEN is set to your OAuth 2.0 access token, as described in Obtaining an OAuth 2.0 access token. For information about the curl options used in this example, see Using curl. For a description of the environment variables used, see Setting environment variables for Apigee API requests.

3. Optionally delete the initial consumer key/secret that Apigee auto-generated. However, you can keep the auto-generated key. Both the imported key and the auto-generated key work in API calls, and both are displayed on the Developer App Details page in the Apigee UI.
   See the delete API key for developer app API.