Deleting old API keys

For requests or help with our API
Post Reply
mandmdiet
Posts: 46
Joined: Tue Aug 17, 2021 9:37 am

Deleting old API keys

Post by mandmdiet » Mon Nov 21, 2022 7:27 am

Hello,

We are finding it hard to manage our API keys because we accidentally created several keys that we associated with a test instance of Open Dental. We don't want to reuse these keys for our clients because we're worried that we might still have it associated to some other instance somewhere. Is there a way we can delete them OR can we request that someone at Open Dental delete them for us?

Thanks!

SLeon
Posts: 263
Joined: Mon Mar 01, 2021 10:00 am

Re: Deleting old API keys

Post by SLeon » Mon Nov 21, 2022 8:31 am

Good morning,

Would adding the ability in the Developer Portal to hide disabled API Keys suit your needs? This would avoid the irreversible nature of deleting a key but facilitate the management of only active customers. We would default the view to show only active keys, but this could be toggled on or off.

mandmdiet
Posts: 46
Joined: Tue Aug 17, 2021 9:37 am

Re: Deleting old API keys

Post by mandmdiet » Mon Nov 21, 2022 8:49 am

We have about 2 dozen keys right now, but only 4 active. If the other 20 stopped showing up that would definitely help. The problem we are having now is that so many of these keys were created when we weren't even trying to create a key. It would still bug me that we had these disabled keys probably, but if they aren't showing I can manage.

Possibly even better would be a change to the interface for creating the keys. I haven't myself created one in several months and I don't want to accidentally create another one right now, so I can't look at it, but I remember accidentally creating key after key in that interface before. I think it was because I expected there to be another step before the key would be created, like a confirmation dialog or something like that.

Incidentally, do you think there would be a good reason not to just reuse these keys we've accidentally created in the past? If a key is a key and we can just reuse it, then we don't have to worry about having a bunch of extras that are disabled only because they were created unintentionally. I was worried about things I didn't know about how the keys behaved. For example, each key has the OD version and the name of the practice listed in it. If I associate the key with a different practice, do those things get updated? Or are they always connected to the first practice we associated it to?

SLeon
Posts: 263
Joined: Mon Mar 01, 2021 10:00 am

Re: Deleting old API keys

Post by SLeon » Mon Nov 21, 2022 9:33 am

These are excellent questions.

The assignment of an API key to a dental office is permanent, and this linkage cannot be altered in any way. If Dental Office B attempts to add an API key already assigned to Dental Office A, they will see the message "API key has already been assigned". This protects Dental Office A from interruption of service.

It is not uncommon for any customer to use software for a period of time, stop for a while, and then decide they want to use it again. For this reason, we do not allow the reassignment of disabled API Keys. This results in a smoother experience for the returning customer, as they do not need to go through the process of getting a new key generated/assigned.

I have just added a new key to a test developer via the Developer Portal. A new one is generated immediately upon clicking "Add" and cannot be cancelled or undone. I agree that this process should be improved to reduce the frequency of accidentally generating keys.

We will add both improving the key generation and displaying disabled keys to our development list.

Post Reply