1 of 4

API Key Management

A roundtable discussion

Kun Lin Programmer Analyst IV

USC Libraries Integrated Library System (ILS)

2 of 4

Background

  • API Keys from varies library products: Alma/Primo API key, OCLC key etc
  • Powerful use case
    • Connecting different apps
    • Custom tools
    • Batch processing
  • It’s a new attack surface
  • Mistakes can have bigger impacts
  • Coordination

3 of 4

What we want to do:

  1. Centralized Key Management
  2. New Key per projects
  3. Project review and approval
  4. Testing on sandbox first
  5. Annual Audit

4 of 4

Discussion

https://tinyurl.com/apikeymanagement

Join the live survey as we discuss managing your API keys

Presenter link