An Application Programming Interface (API) Key is a unique identifier used to authenticate a user, developer, or calling program to an API. An API Key also allows you to avoid having to change the password every 90 days (Somos' current password reset policy) for the Login ID using the TFNRegistry™ API. Requesting the ability to manage an API Key(s) in the TFNRegistry UI is free, no charge. For more information on how to request this ability, please click here. Please Note: The API Key is valid for one year from the date of creation. As of June 5, 2022, users who have an API Key enabled on their Login ID (i.e. they do not login with their Login ID and password) for the TFNRegistry™ API are required to set up Multi-Factor Authentication (MFA).
After MFA has been set up and enabled on your TFNRegistry UI (tfnregistry.somos.com) account, you will be eligible to create and manage API Keys from the User Control (URC) page. If you do not have the required permissions, a message will be displayed on the URC page requesting you to contact your Resp Org's Primary Contact and/or Company Administrator(s) for assistance.
Please Note: Available authenticators include, but are not limited to: Google Authenticator, Microsoft Authenticator, OneLogin, Authy, and LastPass. Google Authenticator installed on an Android device is chosen as the third-party application to document the MFA set up process.
Once an API Key has been set up, you can view the Access Key, API Key Access Secret, Status, Expiration Date and eligible actions associated with an API Key on the URC page. The API Key Access Secret will only be viewable immediately after the set up completion, so you are encouraged to store the API Key Access Secret in a secure location before navigating away from the page.
- If you are having issues with an API Key, you will need to contact the Help Desk for assistance at 844.HEY.SOMOS (844.439.7666), Option 1.
- An API Key will expire after one year. For Example: API Key created on March 31, 2022 will expire on March 31, 2023. It will work until March 30, 2023 at 11:59 PM CT.
- A notification email will be sent to you 30 days before, and again 5 days before the API Key expiration date, requesting you to regenerate it.
- If you disable an API Key, then a notification email will be sent to you informing them that the API Key has been disabled and it will remind you to reactivate, regenerate or delete it on the URC page.