Get started

The Configuration API operations use basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):

Note that you need to use an API call that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more information.

Create an authentication string

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is*hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., WJjZGVmZzpoaWprbG1ub3A) can then be used in your authorization header.

If you're making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. In this case, there's no need to combine the values and create a base64-encoded string. Postman does that for you automatically.

API client permissions

The following tables list the API client types (based on client features) that can be used to call the Configuration API operations. In order to successfully call an operation the client must include at least one of the features allowed to make the call.

API clients

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Your API Clients GET	✓	✗	✗	✗	✗
View a Client GET	✓	✗	✗	✗	✗
Modify a Client PUT	✓	✗	✗	✗	✗
Reset a Client Secret PUT	✓	✗	✗	✗	✗
Create a Client POST	✓	✗	✗	✗	✗
Delete a Client DELETE	✓	✗	✗	✗	✗

Application and Client Settings

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
View Application Settings GET	✓	✗	✗	✗	✗
View Available Application Settings GET	✓	✗	✗	✗	✗
Modify Application Settings PUT	✓	✗	✗	✗	✗
View Client Settings GET	✓	✗	✗	✗	✗
Modify Client Settings PUT	✓	✗	✗	✗	✗

Entity types and attributes

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Entity Types GET	✓	✗	✗	✗	✗
View an Entity Type GET	✓	✓	✓	✓	✓
List Attributes GET	✓	✗	✗	✗	✗
View an Attribute GET	✓	✗	✗	✗	✗

Flows

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Flows GET	✓	✗	✓	✗	✗
View a Flow GET	✓	✗	✓	✗	✗
List Flow Versions GET	✓	✗	✓	✗	✗
View a Specified Flow Version GET	✓	✗	✓	✗	✗
Modify userData Objects or Entity Types PUT	✓	✗	✗	✗	✗
Copy a Flow POST	✓	✗	✓	✗	✗
Restore a Flow POST	✓	✗	✓	✗	✗
Promote a Flow POST	✓	✗	✓	✗	✗

Fields

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Fields GET	✓	✗	✓	✗	✗
View a Field GET	✓	✗	✓	✗	✗
Modify a Field PUT	✓	✗	✓	✗	✗
Create a Field POST	✓	✗	✓	✗	✗
Delete a Field DELETE	✓	✗	✓	✗	✗

Forms

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Forms GET	✓	✗	✓	✗	✗
View a Form GET	✓	✗	✓	✗	✗
Modify a Form PUT	✓	✗	✓	✗	✗
Create a Form POST	✓	✗	✓	✗	✗
Delete a Form DELETE	✓	✗	✓	✗	✗

Locales

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Locales GET	✓	✗	✓	✗	✗
List Localized Fields GET	✓	✗	✓	✗	✗
Create a Localized Field POST	✓	✗	✓	✗	✗
View a Localized Field GET	✓	✗	✓	✗	✗
Modify a Localized Field PUT	✓	✗	✓	✗	✗
Modify a Localized String PUT	✓	✗	✓	✗	✗
Delete a String from a Locale DELETE	✓	✗	✓	✗	✗

Email Templates

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Your Email Templates GET	✓	✗	✓	✗	✗
View an Email Template GET	✓	✗	✓	✗	✗
View the Subject Line of an Email GET	✓	✗	✓	✗	✗
View the Body of an Email GET	✓	✗	✓	✗	✗
Modify an Email PUT	✓	✗	✓	✗	✗
Modify the Subject Line of an Email PUT	✓	✗	✓	✗	✗
Modify the Body of an Email PUT	✓	✗	✓	✗	✗

Strings

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Your Strings GET	✓	✗	✓	✗	✗
View String GET	✓	✗	✓	✗	✗
List the Localized Strings for a Flow GET	✓	✗	✓	✗	✗
View a Localized String GET	✓	✗	✓	✗	✗
Modify a String PUT	✓	✗	✓	✗	✗
Create a String POST	✓	✗	✓	✗	✗
Create a Localized String POST	✓	✗	✓	✗	✗
Delete a String DELETE	✓	✗	✓	✗	✗

Screens

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Screens GET	✓	✗	✓	✗	✗
View a Screen GET	✓	✗	✓	✗	✗
Modify a Screen PATCH	✓	✗	✓	✗	✗
Create a Screen POST	✓	✗	✓	✗	✗
Delete a Screen DELETE	✓	✗	✓	✗	✗

Hosted Login Links

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Links GET	✓	✗	✓	✗	✗
View a Link GET	✓	✗	✓	✗	✗
Modify a Link PUT	✓	✗	✓	✗	✗
Create a Link POST	✓	✗	✓	✗	✗
Delete a Link DELETE	✓	✗	✓	✗	✗

Hosted Login 2FA Messages

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Your 2FA Messages GET	✓	✗	✓	✗	✗
View a 2FA Message GET	✓	✗	✓	✗	✗
View the Email Subject Line of a 2FA Message GET	✓	✗	✓	✗	✗
Add the Default 2FA Messages to a Flow POST	✓	✗	✓	✗	✗
Modify a 2FA Message PUT	✓	✗	✓	✗	✗

Hosted Login Migration

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
View Available Hosted Login Upgrades GET	✓	✗	✓	✗	✗
View Requirements for Making a Flow Hosted-Login Compatible GET	✓	✗	✓	✗	✗
Upgrade Hosted Login POST	✓	✗	✓	✗	✗

Translations

Endpoint	owner	access_issuer	direct_access	direct_read_access	login_client
List Your Translations GET	✓	✗	✓	✗	✗
List Localized Translation GET	✓	✗	✓	✗	✗
View a Translation GET	✓	✗	✓	✗	✗
Modify a Translation PATCH	✓	✗	✓	✗	✗
Modify Multiple Translations PATCH	✓	✗	✓	✗	✗
Create a Translation POST	✓	✗	✓	✗	✗
Delete a Translation DELETE	✓	✗	✓	✗	✗