The Legacy Clients and Settings API operations use Basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):

imgimg

Note that you must use an API client that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more details.

Create an Authentication String

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A) can then used in your authentication header.

If you make API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. Note that, in this case, you don't need to combine or encode the strings. Postman does that for you.


API client permissions

The following tables list the API client types (based on client features) that can be used to call the Legacy Client and SettingsAPI operations. In order to successfully make an API call the client must include at least one of the features allowed to make the call.

API clients

Endpoint

owner

access_issuer

direct_access

direct_read_access

login_client

List Clients
POST

Modify Client Features
POST

Create an IP Whitelist
POST

Reset a Client Secret
POST

Rename a Client
POST

Delete Allowlist IP Addresses
POST

Create a Client
POST

Delete a Client
POST

Published settings

Endpoint

owner

access_issuer

direct_access

direct_read_access

login_client

View Published Settings for an Application
POST

View Published Settings for a Client
POST

Publish Settings
POST

Delete Published Settings
POST

Application and client settings

Endpoint

owner

access_issuer

direct_access

direct_read_access

login_client

View an Application Setting
POST

<

Modify an Application Setting
POST

Modify Multiple Application Settings
POST

List Client Settings
POST

View a Client Setting
POST

View Client Settings
POST

View Multiple Client Settings
POST

Modify a Client Setting
POSTs

Modify Multiple Client Settings
POST

Delete Multiple Client Settings
POST

Delete a Client Setting
POST