Get started

The Configuration API operations use basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):


Note that you need to use an API call that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more information.

Create an authentication string

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is*hijklmnop, that value would look like this:


Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:


The resulting value (e.g., WJjZGVmZzpoaWprbG1ub3A) can then be used in your authorization header.

If you're making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. In this case, there's no need to combine the values and create a base64-encoded string. Postman does that for you automatically.

API client permissions

The following tables list the API client types (based on client features) that can be used to call the Configuration API operations. In order to successfully call an operation the client must include at least one of the features allowed to make the call.

API clients

List Your API Clients GET
View a Client GET
Modify a Client PUT
Reset a Client Secret PUT
Create a Client POST
Delete a Client DELETE

Application and Client Settings

View Application Settings GET
View Available Application Settings GET
Modify Application Settings PUT
View Client Settings GET
Modify Client Settings PUT

Entity types and attributes

List Entity Types GET
View an Entity Type GET
List Attributes GET
View an Attribute GET


List Flows GET
View a Flow GET
List Flow Versions GET
View a Specified Flow Version GET
Modify userData Objects or Entity Types PUT
Copy a Flow POST
Restore a Flow POST
Promote a Flow POST


List Fields GET
View a Field GET
Modify a Field PUT
Create a Field POST
Delete a Field DELETE


List Forms GET
View a Form GET
Modify a Form PUT
Create a Form POST
Delete a Form DELETE


List Locales GET
List Localized Fields GET
Create a Localized Field POST
View a Localized Field GET
Modify a Localized Field PUT
Modify a Localized String PUT
Delete a String from a Locale DELETE

Email Templates

List Your Email Templates GET
View an Email Template GET
View the Subject Line of an Email GET
View the Body of an Email GET
Modify an Email PUT
Modify the Subject Line of an Email PUT
Modify the Body of an Email PUT


List Your Strings GET
View String GET
List the Localized Strings for a Flow GET
View a Localized String GET
Modify a String PUT
Create a String POST
Create a Localized String POST
Delete a String DELETE


List Screens GET
View a Screen GET
Modify a Screen PATCH
Create a Screen POST
Delete a Screen DELETE

Hosted Login Links

List Links GET
View a Link GET
Modify a Link PUT
Create a Link POST
Delete a Link DELETE

Hosted Login 2FA Messages

List Your 2FA Messages GET
View a 2FA Message GET
View the Email Subject Line of a 2FA Message GET
Add the Default 2FA Messages to a Flow POST
Modify a 2FA Message PUT

Hosted Login Migration

View Available Hosted Login Upgrades GET
View Requirements for Making a Flow Hosted-Login Compatible GET
Upgrade Hosted Login POST


List Your Translations GET
List Localized Translation GET
View a Translation GET
Modify a Translation PATCH
Modify Multiple Translations PATCH
Create a Translation POST
Delete a Translation DELETE