Skip to content

APIKeyManager.create() method creates only legacy API keys or fails with privilege errors in ArcGIS Python API 2.4.0 #2234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pmd84 opened this issue Mar 11, 2025 · 0 comments
Open

APIKeyManager.create() method creates only legacy API keys or fails with privilege errors in ArcGIS Python API 2.4.0 #2234

pmd84 opened this issue Mar 11, 2025 · 0 comments
Labels
bug

Comments

@pmd84
Copy link

pmd84 commented Mar 11, 2025

Describe the bug

The APIKeyManager.create() method has two issues:

  1. When attempting to create an API key with item access privileges (portal:app:access:item:*), the request fails with a server 500 error and "Invalid Privileges" message
  2. When creating an API key without specifying privileges, it creates a "Legacy" API key, which is deprecated and not fully functional

In both cases, the API key creation via the Python API does not match the functionality available in the ArcGIS Online UI, where proper API keys can be created successfully.

To Reproduce

Steps to reproduce the behavior:

import arcgis
from arcgis.gis import GIS

# Connect to ArcGIS Online
gis = GIS("https://www.arcgis.com", "username", "password")

# Get some item IDs to use for privileges
items = gis.content.search(query="", max_items=5)
item_ids = [item.id for item in items]

# Create API Key Manager
api_key_manager = arcgis.gis._impl.APIKeyManager(gis)

# Attempt 1: Create with item access privileges - This will fail with server error
try:
    privileges = [
        "portal:user:shareToGroup", 
        "portal:user:createItem",
        f"portal:app:access:item:{item_ids[0]}"  # Adding item access privilege
    ]
    
    new_api_key = api_key_manager.create(
        title="API Key With Privileges",
        tags="api,key,test",
        description="API Key for testing purposes",
        privileges=privileges
    )
except Exception as e:
    print(f"Error creating API key with privileges: {e}")
    # Output: "Error creating API key with privileges: Unable to register app. Invalid Privileges (Error Code: 500)"

# Attempt 2: Create without privileges - This creates a legacy API key
new_api_key = api_key_manager.create(
    title="API Key Without Privileges",
    tags="api,key,test",
    description="API Key for testing purposes"
)
print(f"Created API key: {new_api_key}")
# This succeeds but creates a "Legacy" API key in the UI

Error for Attempt 1:

WARNING:arcgis.gis._impl._content_manager.folder.core:Creating an empty item.
Error creating API key with privileges: Unable to register app. Invalid Privileges (Error Code: 500)

Expected behavior

The create() method should create proper, non-legacy API keys with all specified privileges, including item access privileges (portal:app:access:item:*), just as can be done through the ArcGIS Online UI.

Screenshots

Screenshots showing that API keys created via the Python API appear as "API key (legacy)" in the ArcGIS Online UI, indicating they're not being created correctly.

Image

Platform

  • OS: Databricks
  • Python API Version: 2.4.0

Additional context

This issue appears to be a fundamental problem with the API Key creation process in the Python API. While the UI allows creation of proper API keys with item access privileges, the Python API either fails or creates deprecated legacy keys. This is a significant limitation for anyone attempting to automate API key management via the Python API.
@pmd84 pmd84 added the bug label Mar 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pmd84