Running scheduled scripts with API keys

SOLVED
NJNetworkGuy100
Here to help

Running scheduled scripts with API keys

I have a bunch of scripts with Dashboard API calls in them that I want to run on a regular schedule (most are scripts that grab some info via API, and send custom emails based on that data).  Any tips on a secure way to do this, since it involves API keys with access to different orgs? 

 

I am using Python for the Meraki API scripts, and have access to use VMWare or Azure VM's.  

 

Are there any programs or utilities I can use to store our API keys for these scripts?  Any documentation or examples I can use or follow?  

 

Really just getting started using these scripts in this fashion, and looking for any help.  

 

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
PhilipDAth
Kind of a big deal

Re: Running scheduled scripts with API keys

This is my proposal:

https://community.meraki.com/t5/Developers-APIs/A-newer-safer-way-to-access-the-dashboard-API/m-p/69... 

 

You can also use an environment variable.

https://developer.cisco.com/meraki/api-v1/#!python/usage

I nice way to do this is to create a user to run the scripts (such as "API"), and then define the environment variable in that user's account.  Then it is available only to that user, and everything that runs as that user.

You could also use the same approach with my older system.  You just put the config into that users home directory.

View solution in original post

3 REPLIES 3
PhilipDAth
Kind of a big deal

Re: Running scheduled scripts with API keys

This is my proposal:

https://community.meraki.com/t5/Developers-APIs/A-newer-safer-way-to-access-the-dashboard-API/m-p/69... 

 

You can also use an environment variable.

https://developer.cisco.com/meraki/api-v1/#!python/usage

I nice way to do this is to create a user to run the scripts (such as "API"), and then define the environment variable in that user's account.  Then it is available only to that user, and everything that runs as that user.

You could also use the same approach with my older system.  You just put the config into that users home directory.

View solution in original post

NJNetworkGuy100
Here to help

Re: Running scheduled scripts with API keys

User specific environmental variables...with a dedicated maintenance account on that VM...that's not a bad idea.  I keep hearing about environmental variables, but I always assume they are talking about system ones.  

 

I'll give this a try, but try out your other proposal.  See how that goes...

 

Thanks!

RomanMD
Getting noticed

Re: Running scheduled scripts with API keys

I do two three different things:

1. either store in the environment variable 

2. either store in the database in the setting table (usually using this when the scripts run on Django)

3. either way - I have an encryption/decryption algorithm, so the key is not stored in plain text. It does not mean that the key is fully safe, as long as one will have access to the algorithms, but at least having the encrypted API key does not make much sense for some ....

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.