If you've ever lost an irretrievable key, you know how quickly blood can begin pumping through your body. This article will show you how to recover from losing your secret Application Programming Interface (API) key. This secret key displays only once when generated, and is not displayed again. If you navigate the browser away from the API key screen then you may lose that information.
Here's the tough news, your secret key, it's lost to the ether-net, gone. Where this turns into better news, is that the recovery process isn't all that painful. By generating a new API key, you generate a new secret key. So the recovery process involves deleting the API key associated with the lost key and generating the new API key set.
Where this guide is navigating, starts by grabbing the API key and Secret key from your Umbrella account dashboard. After, we'll log into your WAP device to add the API and Secret key. If you run into any issues, check here for documentation, and here for Umbrella Support options.
Step 1. After logging into your Umbrella Account, from the Dashboard screen click on Admin > API Keys.
Step 2. Click on the Umbrella Network Devices button in the Token well.
Step 3. Select Umbrella Network Devices and then click the Create button.
Step 4. The key will be instantly deleted. Click on the Add API Key button in the upper-right hand corner, or click the Create API Key button. They both function the same.
Step 5. Select Umbrella Network Devices and then click the Create button.
Step 6. Click the Copy button to the right of your Secret Key, a pop-up notification will confirm the key is copied to your clipboard.
After you've copied the key and secret key to a safe location, click the checkbox to confirm to complete acknowledgement then click the Close button.
Step 7. Open a text editor such as notepad and paste your secret and API key into the document, label them for future reference. In this case its label is "Umbrella secret key". Include the API key with your secret key along with a short description of its use in this same text file. Then save the text file to a secure location that's easy to access later should you need.
Important Note: If you lose or accidentally delete the secret key there is no function or support number to call to retrieve this key. Keep it secret, keep it safe. If lost, you will need to delete the key and re-authorize the API key with each WAP device you wish to protect with Umbrella.
Best Practice: Keep just a single copy of this document on a device, like a USB thumb drive, inaccessible from any network.
Now that we've created API keys within Umbrella, we'll take those keys and install them on our WAP Devices. In our case we are using a WAP581.
Step 1. After logging into your WAP Device, click on Umbrella in the sidebar menu.
Step 2. The Umbrella screen is straightforward, but there are two fields worth defining here:
Step 3. Paste your API and Secret Key into the corresponding fields
Step 4. Ensure the checkboxes for Enable and DNSCrypt are toggled to the check state.
Note: DNSCrypt secures DNS communication between a DNS client and a DNS resolver. Default is enabled.
Step 5. (Optional) Enter the local domains you would like Umbrella to allow through the DNS resolution process.
Note: This is required for all intranet domains and split DNS domains. If your network requires the use of local area domains for routing, you will need to contact Umbrella support to get this feature up and running. Most users will not need to use this option.
Step 6. After you are satisfied with the changes or have added your own Local Domains to Bypass, click the Save button in the upper-right hand corner.
Step 7. When the changes are complete, the field Registration Status will read "Successful".
Congratulations, you are now protected Cisco's Umbrella. Or are you? Let's be sure, Cisco has created a website dedicated to determining this as quickly as the page loads. Click here or type https://InternetBadGuys.com into the browser bar.
If Umbrella is configured correctly you will be greeted by a screen similar to this!