Implementation:Langgenius Dify UpdateAppApiStatus
| Knowledge Sources | |
|---|---|
| Domains | API Management REST API Embeddable Widgets |
| Last Updated | 2026-02-08 00:00 GMT |
Overview
Concrete tool for managing API access status, API key lifecycle, and embeddable widget configuration provided by the Dify platform.
Description
The deployment and API access implementation consists of several service functions and a standalone embed script:
1. updateAppApiStatus -- Toggles the API access for an application on or off. When API access is disabled, all external API requests to the application are rejected. This issues a POST request with an enable_api boolean flag.
2. createApikey -- Creates a new API key for authenticating external API requests to the application. Each key is a bearer token that must be included in the Authorization header of API calls.
3. delApikey -- Revokes an existing API key, immediately invalidating it. Any in-flight requests using the deleted key will fail.
4. embed.js -- A standalone JavaScript file served from web/public/embed.js that creates an embeddable chat widget. The script is an IIFE (Immediately Invoked Function Expression) that:
- Reads configuration from
window.difyChatbotConfig - Creates a floating chat button with customizable styling
- Opens an iframe pointing to the Dify chat interface when clicked
- Supports draggable positioning
- Handles dynamic script injection and cleanup
Usage
Use these functions when:
- Toggling API access in the application's overview/settings panel
- Managing API keys in the API access configuration section
- Generating embed code snippets for website integration
Code Reference
Source Location
- Repository: Dify
- Files:
web/service/apps.ts(Lines 115-117 for updateAppApiStatus, Lines 169-175 for API key functions)web/public/embed.js(Lines 1-455 for the embeddable chat widget)
Signature
// Toggle API access -- POST {url}
export const updateAppApiStatus = ({
url,
body,
}: {
url: string
body: Record<string, any>
}): Promise<AppDetailResponse> => {
return post<AppDetailResponse>(url, { body })
}
// Create a new API key -- POST {url}
export const createApikey = ({
url,
body,
}: {
url: string
body: Record<string, any>
}): Promise<CreateApiKeyResponse> => {
return post<CreateApiKeyResponse>(url, body)
}
// Delete an API key -- DELETE {url}
export const delApikey = ({
url,
params,
}: {
url: string
params: Record<string, any>
}): Promise<CommonResponse> => {
return del<CommonResponse>(url, params)
}
Import
import { updateAppApiStatus, createApikey, delApikey } from '@/service/apps'
Embed Script Configuration
// Configuration via window.difyChatbotConfig
window.difyChatbotConfig = {
token: 'YOUR_APP_TOKEN', // Required: application site access token
baseUrl: 'https://your-dify.com', // Optional: Dify instance URL
isDev: false, // Optional: development mode flag
chatbotConfig: {
bot_name: 'My Assistant', // Optional: display name for the chatbot
user: { /* user identity */ }, // Optional: end user information
inputs: { /* default inputs */ }, // Optional: pre-filled input variables
},
draggable: true, // Optional: enable draggable chat button
dynamicScript: false, // Optional: dynamic script loading mode
}
I/O Contract
Inputs (updateAppApiStatus)
| Name | Type | Required | Description |
|---|---|---|---|
| url | string |
Yes | Dynamic endpoint URL, typically apps/{appId}/api-enable or apps/{appId}/api-disable
|
| body.enable_api | boolean |
Yes | Whether to enable or disable API access |
Inputs (createApikey)
| Name | Type | Required | Description |
|---|---|---|---|
| url | string |
Yes | Endpoint URL, typically apps/{appId}/api-keys
|
| body | Record<string, any> |
Yes | Key creation parameters (typically empty object) |
Inputs (delApikey)
| Name | Type | Required | Description |
|---|---|---|---|
| url | string |
Yes | Endpoint URL including the key ID, typically apps/{appId}/api-keys/{keyId}
|
| params | Record<string, any> |
Yes | Additional parameters (typically empty) |
Outputs
| Name | Type | Description |
|---|---|---|
| AppDetailResponse (updateAppApiStatus) | AppDetailResponse |
Updated application detail including the new enable_api status |
| CreateApiKeyResponse (createApikey) | CreateApiKeyResponse |
The newly created API key details including the key string |
| CommonResponse (delApikey) | CommonResponse |
Confirmation of successful key deletion |
Usage Examples
import { updateAppApiStatus, createApikey, delApikey } from '@/service/apps'
// Enable API access for an application
const updatedApp = await updateAppApiStatus({
url: `apps/${appId}/api-enable`,
body: { enable_api: true },
})
// Create a new API key
const newKey = await createApikey({
url: `apps/${appId}/api-keys`,
body: {},
})
console.log(newKey) // { id: '...', token: 'app-xxxxxxxx', created_at: '...' }
// Delete an API key
await delApikey({
url: `apps/${appId}/api-keys/${keyId}`,
params: {},
})
// Embed the chat widget on a webpage (HTML)
// <script>
// window.difyChatbotConfig = { token: 'app-xxxxx' }
// </script>
// <script src="https://your-dify.com/embed.js" defer></script>