Get started

The Configuration API operations use basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):

imgimg

Note that you need to use an API call that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more information.

Create an authentication string

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is*hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., WJjZGVmZzpoaWprbG1ub3A) can then be used in your authorization header.

If you're making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. In this case, there's no need to combine the values and create a base64-encoded string. Postman does that for you automatically.


API client permissions

The following tables list the API client types (based on client features) that can be used to call the Configuration API operations. In order to successfully call an operation the client must include at least one of the features allowed to make the call.

API clients

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Your API Clients GET
View a Client GET
Modify a Client PUT
Reset a Client Secret PUT
Create a Client POST
Delete a Client DELETE

Application and Client Settings

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
View Application Settings GET
View Available Application Settings GET
Modify Application Settings PUT
View Client Settings GET
Modify Client Settings PUT

Entity types and attributes

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Entity Types GET
View an Entity Type GET
List Attributes GET
View an Attribute GET

Flows

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Flows GET
View a Flow GET
List Flow Versions GET
View a Specified Flow Version GET
Modify userData Objects or Entity Types PUT
Copy a Flow POST
Restore a Flow POST
Promote a Flow POST

Fields

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Fields GET
View a Field GET
Modify a Field PUT
Create a Field POST
Delete a Field DELETE

Forms

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Forms GET
View a Form GET
Modify a Form PUT
Create a Form POST
Delete a Form DELETE

Locales

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Locales GET
List Localized Fields GET
Create a Localized Field POST
View a Localized Field GET
Modify a Localized Field PUT
Modify a Localized String PUT
Delete a String from a Locale DELETE

Email Templates

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Your Email Templates GET
View an Email Template GET
View the Subject Line of an Email GET
View the Body of an Email GET
Modify an Email PUT
Modify the Subject Line of an Email PUT
Modify the Body of an Email PUT

Strings

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Your Strings GET
View String GET
List the Localized Strings for a Flow GET
View a Localized String GET
Modify a String PUT
Create a String POST
Create a Localized String POST
Delete a String DELETE

Screens

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Screens GET
View a Screen GET
Modify a Screen PATCH
Create a Screen POST
Delete a Screen DELETE

Hosted Login Links

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Links GET
View a Link GET
Modify a Link PUT
Create a Link POST
Delete a Link DELETE

Hosted Login 2FA Messages

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Your 2FA Messages GET
View a 2FA Message GET
View the Email Subject Line of a 2FA Message GET
Add the Default 2FA Messages to a Flow POST
Modify a 2FA Message PUT

Hosted Login Migration

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
View Available Hosted Login Upgrades GET
View Requirements for Making a Flow Hosted-Login Compatible GET
Upgrade Hosted Login POST

Translations

Endpointowneraccess_issuerdirect_accessdirect_read_accesslogin_client
List Your Translations GET
List Localized Translation GET
View a Translation GET
Modify a Translation PATCH
Modify Multiple Translations PATCH
Create a Translation POST
Delete a Translation DELETE