API Keys
Taxi & Private Hire › Products › ACL › API Keys
Generally available
Tenant-scoped API keys used by third-party integrations to authenticate against the platform. Each Apikey carries a roles array (drives permission decisions) and is bound to one tenant. Authenticates via the APP auth method.
Related
Fields
| Field | Type | Description |
|---|---|---|
apikey | string | The API key string presented by the integration on each request. Unique per tenant (UNIQ_IDENTIFIER_APIKEY). Treat as the equivalent of a password — never log. |
roles | array | Symfony security roles array carried by this key. Drives permission resolution when the integration acts under APP auth. |
password | string | Bcrypt hash of the secret companion to the API key. Used by Symfony auth even though APP auth presents only the key. #[Ignore] — never serialized in responses. |
channel | string | Booking channel this application represents (OPERATOR console, customer APP / WEB, INTEGRATION, PHONE). Stamped onto Trip.bookingSource so analytics can attribute trips to the originating application. Stored as a plain string here (the BookingSource enum lives in the domain layer); interpreted via the system at the read site. |
clientId | bigint | Tenant scope. Every tenant-aware entity carries this; `ClientFilter` enforces row-level isolation on read; the multi-tenancy routing layer (`/client/{clientId}`) sets it at create time. Surfaced only under `admin` / `tripLog` groups — never to end users. |
internalKey | string | Optional client-supplied external reference / idempotency key. When present, lets external systems correlate platform-side records back to their own source-of-truth ids. Not persisted to a column — populated by the request handler when the caller sets it. |
__objectType | string | Discriminator string (entity class short-name) emitted alongside the id in serialized output. Resolved at read time by `getObjectType()`; lets the FE dispatch entity-specific rendering without inspecting the URL. |
id | bigint | Snowflake-style primary key (unsigned BIGINT). Generated by `IdFactory` at create time; surfaced to the FE / API as a `G`-prefixed string and stripped back to plain bigint server-side before Doctrine lookup. |
createdDate | integer | Unix timestamp the row was first persisted. Set in the entity's PrePersist hook; never rewritten on subsequent updates. |
updatedDate | integer | Unix timestamp the row was last touched. Bumped on every commit that hits the Doctrine UoW for this entity; drives FE invalidation + the listing change cursor. |
passiveUpdatedDate | int | Read-through alias for `updatedDate` exposed under different serializer groups. Lets the FE distinguish "real edit" from "background touch" projections without changing the underlying column. |
listingUpdatedDate | int | Listing-projection timestamp surfaced only under the `listMode` group. Driven by `TripCache` and other listing-shape refreshers separately from `updatedDate` so a listing rebuild doesn't trigger detail-page invalidation. |