The Configuration API operations use basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):
Note that you need to use an API call that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more information.
Create an authentication string
To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is*hijklmnop, that value would look like this:
abcdefg:hijklmnop
Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:
echo -n "abcdefg:hijklmnop" | base64
If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:
[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))
The resulting value (e.g., WJjZGVmZzpoaWprbG1ub3A) can then be used in your authorization header.
If you're making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. In this case, there's no need to combine the values and create a base64-encoded string. Postman does that for you automatically.
API client permissions
The following tables list the API client types (based on client features) that can be used to call the Configuration API operations. In order to successfully call an operation the client must include at least one of the features allowed to make the call.
API clients
|Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
| --- | --- | --- | --- | --- | --- |
|List Your API Clients GET | ✓ | ✗| ✗| ✗| ✗|
|View a Client GET | ✓ | ✗| ✗| ✗| ✗|
|Modify a Client PUT | ✓ | ✗| ✗| ✗| ✗|
|Reset a Client Secret PUT | ✓ | ✗| ✗| ✗| ✗|
|Create a Client POST | ✓ | ✗| ✗| ✗| ✗|
|Delete a Client DELETE | ✓ | ✗| ✗| ✗| ✗|
Application and Client Settings
|Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
| --- | --- | --- | --- | --- | --- |
|View Application Settings GET | ✓ | ✗| ✗| ✗| ✗|
|View Available Application Settings GET | ✓ | ✗| ✗| ✗| ✗|
|Modify Application Settings PUT | ✓ | ✗| ✗| ✗| ✗|
|View Client Settings GET | ✓ | ✗| ✗| ✗| ✗|
|Modify Client Settings PUT | ✓ | ✗| ✗| ✗| ✗|
Entity types and attributes
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Entity Types GET | ✓ | ✗ | ✗ | ✗ | ✗ |
| View an Entity Type GET | ✓ | ✓ | ✓ | ✓ | ✓ |
| List Attributes GET | ✓ | ✗ | ✗ | ✗ | ✗ |
| View an Attribute GET | ✓ | ✗ | ✗ | ✗ | ✗ |
Flows
|Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---| --- | --- | --- | --- | --- |
|List Flows GET | ✓ | ✗ | ✓ | ✗ | ✗ |
|View a Flow GET | ✓ | ✗ | ✓ | ✗ | ✗ |
|List Flow Versions GET | ✓ | ✗ | ✓ | ✗ | ✗ |
|View a Specified Flow Version GET | ✓ | ✗ | ✓ | ✗ | ✗
|Modify userData Objects or Entity Types PUT | ✓ | ✗ | ✗ | ✗ | ✗ |
|Copy a Flow POST | ✓ | ✗ | ✓ | ✗ | ✗ |
|Restore a Flow POST | ✓ | ✗ | ✓ | ✗ | ✗ |
|Promote a Flow POST | ✓ | ✗ | ✓ | ✗ | ✗ |
Fields
|Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
| --- | --- | --- | --- | --- | --- |
|List Fields GET | ✓ | ✗| ✓ | ✗| ✗|
|View a Field GET | ✓ | ✗| ✓ | ✗| ✗|
|Modify a Field PUT | ✓ | ✗| ✓ | ✗| ✗|
|Create a Field POST | ✓ | ✗| ✓ | ✗| ✗|
|Delete a Field DELETE | ✓ | ✗| ✓ | ✗| ✗|
Forms
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Forms GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Form GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Form PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Form POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a Form DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |
Locales
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Locales GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| List Localized Fields GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Localized Field POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Localized Field GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Localized Field PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Localized String PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a String from a Locale DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |
Email Templates
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Your Email Templates GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View an Email Template GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View the Subject Line of an Email GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View the Body of an Email GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify an Email PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify the Subject Line of an Email PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify the Body of an Email PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
Strings
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Your Strings GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View String GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| List the Localized Strings for a Flow GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Localized String GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a String PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a String POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Localized String POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a String DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |
Screens
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Screens GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Screen GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Screen PATCH | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Screen POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a Screen DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |
Hosted Login Links
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Links GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Link GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Link PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Link POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a Link DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |
Hosted Login 2FA Messages
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Your 2FA Messages GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a 2FA Message GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View the Email Subject Line of a 2FA Message GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Add the Default 2FA Messages to a Flow POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a 2FA Message PUT | ✓ | ✗ | ✓ | ✗ | ✗ |
Hosted Login Migration
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| View Available Hosted Login Upgrades GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View Requirements for Making a Flow Hosted-Login Compatible GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Upgrade Hosted Login POST | ✓ | ✗ | ✓ | ✗ | ✗ |
Translations
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Your Translations GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| List Localized Translation GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| View a Translation GET | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify a Translation PATCH | ✓ | ✗ | ✓ | ✗ | ✗ |
| Modify Multiple Translations PATCH | ✓ | ✗ | ✓ | ✗ | ✗ |
| Create a Translation POST | ✓ | ✗ | ✓ | ✗ | ✗ |
| Delete a Translation DELETE | ✓ | ✗ | ✓ | ✗ | ✗ |