The Configuration API operations use basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):
Note that you need to use an API call that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more information.
Create an authentication string
To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is*hijklmnop, that value would look like this:
abcdefg:hijklmnop
Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:
echo -n "abcdefg:hijklmnop" | base64
If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:
The resulting value (e.g., WJjZGVmZzpoaWprbG1ub3A) can then be used in your authorization header.
If you're making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. In this case, there's no need to combine the values and create a base64-encoded string. Postman does that for you automatically.
API client permissions
The following tables list the API client types (based on client features) that can be used to call the Configuration API operations. In order to successfully call an operation the client must include at least one of the features allowed to make the call.
API clients
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Your API Clients GET
✓
✗
✗
✗
✗
View a Client GET
✓
✗
✗
✗
✗
Modify a Client PUT
✓
✗
✗
✗
✗
Reset a Client Secret PUT
✓
✗
✗
✗
✗
Create a Client POST
✓
✗
✗
✗
✗
Delete a Client DELETE
✓
✗
✗
✗
✗
Application and Client Settings
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
View Application Settings GET
✓
✗
✗
✗
✗
View Available Application Settings GET
✓
✗
✗
✗
✗
Modify Application Settings PUT
✓
✗
✗
✗
✗
View Client Settings GET
✓
✗
✗
✗
✗
Modify Client Settings PUT
✓
✗
✗
✗
✗
Entity types and attributes
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Entity Types GET
✓
✗
✗
✗
✗
View an Entity Type GET
✓
✓
✓
✓
✓
List Attributes GET
✓
✗
✗
✗
✗
View an Attribute GET
✓
✗
✗
✗
✗
Flows
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Flows GET
✓
✗
✓
✗
✗
View a Flow GET
✓
✗
✓
✗
✗
List Flow Versions GET
✓
✗
✓
✗
✗
View a Specified Flow Version GET
✓
✗
✓
✗
✗
Modify userData Objects or Entity Types PUT
✓
✗
✗
✗
✗
Copy a Flow POST
✓
✗
✓
✗
✗
Restore a Flow POST
✓
✗
✓
✗
✗
Promote a Flow POST
✓
✗
✓
✗
✗
Fields
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Fields GET
✓
✗
✓
✗
✗
View a Field GET
✓
✗
✓
✗
✗
Modify a Field PUT
✓
✗
✓
✗
✗
Create a Field POST
✓
✗
✓
✗
✗
Delete a Field DELETE
✓
✗
✓
✗
✗
Forms
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Forms GET
✓
✗
✓
✗
✗
View a Form GET
✓
✗
✓
✗
✗
Modify a Form PUT
✓
✗
✓
✗
✗
Create a Form POST
✓
✗
✓
✗
✗
Delete a Form DELETE
✓
✗
✓
✗
✗
Locales
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Locales GET
✓
✗
✓
✗
✗
List Localized Fields GET
✓
✗
✓
✗
✗
Create a Localized Field POST
✓
✗
✓
✗
✗
View a Localized Field GET
✓
✗
✓
✗
✗
Modify a Localized Field PUT
✓
✗
✓
✗
✗
Modify a Localized String PUT
✓
✗
✓
✗
✗
Delete a String from a Locale DELETE
✓
✗
✓
✗
✗
Email Templates
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Your Email Templates GET
✓
✗
✓
✗
✗
View an Email Template GET
✓
✗
✓
✗
✗
View the Subject Line of an Email GET
✓
✗
✓
✗
✗
View the Body of an Email GET
✓
✗
✓
✗
✗
Modify an Email PUT
✓
✗
✓
✗
✗
Modify the Subject Line of an Email PUT
✓
✗
✓
✗
✗
Modify the Body of an Email PUT
✓
✗
✓
✗
✗
Strings
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Your Strings GET
✓
✗
✓
✗
✗
View String GET
✓
✗
✓
✗
✗
List the Localized Strings for a Flow GET
✓
✗
✓
✗
✗
View a Localized String GET
✓
✗
✓
✗
✗
Modify a String PUT
✓
✗
✓
✗
✗
Create a String POST
✓
✗
✓
✗
✗
Create a Localized String POST
✓
✗
✓
✗
✗
Delete a String DELETE
✓
✗
✓
✗
✗
Screens
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Screens GET
✓
✗
✓
✗
✗
View a Screen GET
✓
✗
✓
✗
✗
Modify a Screen PATCH
✓
✗
✓
✗
✗
Create a Screen POST
✓
✗
✓
✗
✗
Delete a Screen DELETE
✓
✗
✓
✗
✗
Hosted Login Links
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Links GET
✓
✗
✓
✗
✗
View a Link GET
✓
✗
✓
✗
✗
Modify a Link PUT
✓
✗
✓
✗
✗
Create a Link POST
✓
✗
✓
✗
✗
Delete a Link DELETE
✓
✗
✓
✗
✗
Hosted Login 2FA Messages
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
List Your 2FA Messages GET
✓
✗
✓
✗
✗
View a 2FA Message GET
✓
✗
✓
✗
✗
View the Email Subject Line of a 2FA Message GET
✓
✗
✓
✗
✗
Add the Default 2FA Messages to a Flow POST
✓
✗
✓
✗
✗
Modify a 2FA Message PUT
✓
✗
✓
✗
✗
Hosted Login Migration
Endpoint
owner
access_issuer
direct_access
direct_read_access
login_client
View Available Hosted Login Upgrades GET
✓
✗
✓
✗
✗
View Requirements for Making a Flow Hosted-Login Compatible GET
