Skip to content

Service Keys

For some features you can implement a service key, which enables an application to access a service instance using a service key for credentials.


The service must be able to support service keys.


Service keys provide access to a set of services in an API Key manner. That means that a back-end service does not require user credentials, but the service key is limited to a specific use case. For example, you can enable an application to send push notifications using the server key as its credentials, without requiring a user to enter credentials.

Configure service keys at the application level in SAP mobile service cockpit. If you do not see the Service Keys tab for a feature, the option is not available.

You have two options for sending the API key to the service, using either the X-API-Key header or an Authorization header. See Next Steps below for usage.


  1. In SAP mobile service cockpit, select Mobile Applications > Native/Hybrid or SAP Mobile Cards.

  2. Select an application, and then select a feature under Assigned Features.

  3. Select Service Keys.

    View the list of service keys currently configured for the service instance.

    Properties Descriptions
    Alias A human readable name for the service key, from 1-64 characters, and used as the username to authenticate a request. Also used when an audit log record is created. Required.
    API Key The API-key that is sent in the request header and used as the password to authenticate a request. The API-key cannot be edited.
    Roles The roles that are assigned to this service key. Required.
    URL The URL used to access the service instance. The URL cannot be edited.
    Actions You can delete a service key, but you cannot edit one. To change a service key, you must delete it, and then create a new one.
  4. To configure a new service key, select add .

    1. In Add Service Key, provide an Alias, and select one or more Roles from the list.

    2. Select OK to save.

      The new service key is added to the list. The API Key and URL are generated from service metadata.

  5. To remove a service key, select delete .


    Since you cannot edit service keys, you must delete a service key and configure a new one in order to change a service key.

Next Steps

To send the API key to the service, you can either use the X-API-Key header or an Authorization header.

X-API-Key Header

To authenticate, send the API-key along with the request in the X-API-Key header:

X-API-Key: <API-Key>

Authorization Header

To authenticate, send the API-key as Basic authentication in the Authorization header. The <Alias> is the username and the <API-Key> is the password. Both need to be joined with a colon (<Alias>:<API-Key>) and Base64-encoded.

Authorization: Basic [Base64(<Alias>:<API-Key>)]

Last update: May 14, 2021