The Legacy Clients and Settings API operations use Basic authentication. To employ this authentication method, use the client ID of an API client as your username and the client secret of that API client as the password. Both the client ID and client secret can be found in the Manage Properties section of Console (in Console, API clients are referred to as properties):
Note that you must use an API client that has the required permissions when calling an operation. Typically this means a client assigned the owner feature. See the API client permissions section of this documentation for more details.
Create an Authentication String
To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:
abcdefg:hijklmnop
Next, take the string and base64 encode it. On a Mac, you can encode the string using this command:
echo -n "abcdefg:hijklmnop" | base64
If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:
[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))
The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A) can then used in your authentication header.
If you make API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password. Note that, in this case, you don't need to combine or encode the strings. Postman does that for you.
API client permissions
The following tables list the API client types (based on client features) that can be used to call the Legacy Client and SettingsAPI operations. In order to successfully make an API call the client must include at least one of the features allowed to make the call.
API clients
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| List Clients POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Modify Client Features POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Create an IP Whitelist POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Reset a Client Secret POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Rename a Client POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Delete Allowlist IP Addresses POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Create a Client POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Delete a Client POST | ✓ | ✗ | ✗ | ✗ | ✗ |
Published settings
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| View Published Settings for an Application POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| View Published Settings for a Client POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Publish Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Delete Published Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
Application and client settings
| Endpoint | owner | access_issuer | direct_access | direct_read_access | login_client |
|---|---|---|---|---|---|
| View an Application Setting POST | ✓ | ✓ | ✓ | <✓ | ✓ |
| Modify an Application Setting POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Modify Multiple Application Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| List Client Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| View a Client Setting POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| View Client Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| View Multiple Client Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Modify a Client Setting POSTs | ✓ | ✗ | ✗ | ✗ | ✗ |
| Modify Multiple Client Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Delete Multiple Client Settings POST | ✓ | ✗ | ✗ | ✗ | ✗ |
| Delete a Client Setting POST | ✓ | ✗ | ✗ | ✗ | ✗ |