Typically, an API client can access only the account in which it's created. The process for setting up the specialized API client that lets you make calls across different APIs and accounts is slightly different from the process for creating a regular API client.

Using this specialized API client requires the `accountSwitchKey` query parameter when you make your call. An `accountSwitchKey` indicates the specific account you want your call to apply to. If you make a call without the `accountSwitchKey`, the call applies to your API client's default account.

Keep in mind that:

  • Credentials on this type of API client expire on the same schedule as your account's password rotation policy. You can't edit the expiration date on these credentials, but you can create new credentials for this client.

  • The credentials, or tokens, work the same for SAML SSO users as they do for non-SAML SSO users.

  • Because this API client uses the same role assignments as the <<PORTAL_NICKNAME>> user the client belongs to, you can follow the same audit trail you normally would and see the API client's activity just like if it was for the Control Center user.

  • You cannot change the owner of these API clients.

  • The API client no longer works once the user's <<PORTAL_NICKNAME>> account is locked or disabled.

To use this type of client with an `accountSwitchKey`, you'll need to get specific keys from the [Identity and Access Management API](🔗). Make sure you've provisioned the `Identity Management API` in your client.

Follow these steps to create one API client to use across multiple accounts.

  1. Launch [Identity and Access Management](🔗).


    If you don't have access to the Identity and Access Management tool, contact your local <<PORTAL_NAME>> admin or your <<COMPANY_NICKNAME>> account team for assistance.

  2. Under **Users and API Clients**, click **Create API client** to open the **Customize API client** screen.

  3. Click **Advanced** to create a client for multiple accounts.

  4. Select **Let this client manage multiple accounts**.

  5. Use presets or change the access level of the API services you choose for the client. You can choose `READ-WRITE` or `READ-ONLY` and add up to 99 different API services.

  6. Set any group restrictions.

  7. Click **Create API client**.

    • The client's name, description, and notification list populate for you in the **Details** section. You can change this information at any time.

    • The credential and your client token appear in the **Credentials** section. The credential includes the client token and client secret you need to authenticate Akamai API requests.

  8. Click **Download**, then [add the credential to the .edgerc file](🔗).