Skip to main content

Arrow public API

Fred Rodriguez

The Arrow public API is available to admins of all Arrow professional plans.
Explore plans and pricing

The Arrow public API provides read-only access to insights and important information about your professional plan, its members, and the devices they use. This secure approach ensures you have a comprehensive overview of your plan members' activities while maintaining the integrity of your organization's data.

What's an API?

An API, or application programming interface, is like a set of rules or tools that allows different software applications to communicate with each other. Imagine it as a hallway that one software can use to request information or services from another software.

What can I do with the Arrow public API?

With Arrow public API integration, you can:

  • Seamlessly integrate your Arrow professional plan with third-party tools, like security information and event management (SIEM) and analytics platforms.
  • Gain visibility into account usage and security metrics.
  • Create custom dashboards and automate workflows.

What are API endpoints?

API endpoints are specific addresses on a server where a software application can be accessed. Each endpoint corresponds to a specific type of data. If you think of an API as a hallway, then the endpoints are different doorways leading to specific rooms.

Arrow API endpoints

Arrow public API is structured around four read-only endpoints that offer valuable insights into your Arrow professional plan. Check the GitHub documentation for more information: Arrow public API documentation

  1. Members endpoint: Provides detailed information about your plan members without compromising their passwords or privacy.
  2. Members Device endpoint: Offers data regarding the devices used by your team members.
  3. Password Health endpoint: Delivers historical and current metrics on your team’s password security and overall health.
  4. Team Status endpoint: Supplies essential data about your professional plan, including details on seats, SSO configurations, and domain information.

Generate a Arrow API key

To access the Arrow API endpoints, you'll need an API key. This key can be generated in two ways: directly through the Admin Console or the Arrow CLI.

Generate an API key using Arrow Admin Console

  1. Open the Admin Console and navigate to the Integrations section.
  2. Select Public API and then Create key.

  3. Enter a name for the key and select Generate key.

  4. Copy or download the bearer token. The bearer token will be used to authenticate and access the endpoints.

    Important: Save your bearer token securely in a Secret on your vault, as it will only be displayed once.
    Add and manage secrets in Arrow

  5. Try this sample query in your preferred terminal app to verify that the API key is working correctly. Replace DLP_teamUuid_accessKey_secretKey with the bearer token that you previously copied or saved. This query returns basic information about your team, including the number of seats available.

    curl -X POST \ 'https://api.dashlane.com/public/teams/Status' \ -H 'Content-Type: application/json' \ -H 'Authorization: bearer DLP_teamUuid_accessKey_secretKey' \ -d '{ }'
  6. Use the bearer token to authenticate and access the endpoints. Check the GitHub documentation for more information: Arrow public API documentation

Note: You can use the same API key for any of the endpoints.

Generate an API key using Arrow CLI

You can generate your API key when using the Arrow CLI, following the guidelines available on GitHub. Visit the Arrow public API documentation for step-by-step instructions to guide you through the process.

More about Arrow CLI
Manage your data with Arrow's Command Line Interface

Manage public API keys in the Admin Console

In the Admin Console, you can easily manage your API keys. This includes the ability to revoke keys, verify the key status, check the device used to create each key, and view the date when the key was generated.

To revoke an active key:

  1. Go to the Public API section in your Admin Console.
  2. Select the revoke key option for the active key you wish to deactivate.
  3. Refresh the Admin Console to update and view the new key status.

Common questions about Arrow API

Are there any limitations?

  • The public API is read-only
  • The public API integration doesn't have logs, group sharing, or vault-related endpoints, so there is no access to plan members' passwords
  • Arrow doesn't log who creates the keys or when and how the API is called

What happens if I lose my API key?

For security reasons and to keep your organization's data safe, deactivate the active API key by quickly revoking it in the Admin Console. You can also use the Arrow CLI to revoke the active API key.

How to revoke an API key in the Admin Console
Arrow CLI

What are the prerequisites for using Arrow public API?

You must be a professional plan admin to use the public API, as only admins have the permissions required to generate the key through either the Admin Console or the Arrow CLI.

When should I generate a new API key? Does the API key expire?

The API key doesn't expire, so there’s no need to generate a new one due to time limits. To ensure a secure and effective connection, you should generate a new API key when integrating with new third-party tools. If you suspect your API key has been compromised, you can revoke it at any time in the Admin Console or the Arrow CLI.

If you have doubts, contact the Arrow API team at contact@dashlane.com

To learn more, check out our blog post on the Arrow public API

If you have any issues turning on this feature, please contact our Support team.

Contact an agent through the Admin Console
Chat with our bot

Comments

0 comments

Article is closed for comments.

Powered by Zendesk