API client

As an account administrator, get details of an API client you can manage.

data "akamai_iam_api_client" "my-api-client" {
  client_id = "1ab2cd34efg5hij6"
}

output "my-api-client" {
  value     = data.akamai_iam_api_client.my-api-client
  sensitive = true
}

my-api-client = (sensitive value)

Argument

Pass an empty data block to get your own API client. Optionally, pass a client ID to get details of another API client.

Attributes

Returned to you are the details of the API client.

Attribute	Description
`client_id`	The API client's ID.
`client_description`	A human-readable description of the API client.
`client_name`	A descriptive, human-readable name for the API client.
`client_type`	The type of the API client's ownership and credential management. Possible values: `CLIENT`. Indicates the creator owns and manages the credentials. `USER_CLIENT`. Indicates another user owns the client and manages the credentials.
`created_by`	The user who created the API client.
`created_date`	The ISO 8601 timestamp indicating when the API client was created.
`actions`	Actions available on the API client. When set to `true`, you can perform a given action on the API client. Includes: `delete`. Enables you to remove the API client. `deactivate_all`. Enables you to deactivate the API client's credentials. `edit`. Enables you to update the API client. `edit_apis`. Enables you to update the `apis` the API client can access, same as `edit_auth`. `edit_auth`. Enables you to update the `apis` the API client can access, same as `edit_apis`. `edit_groups`. Enables you to update the `groups` the API client can access. `edit_ip_acl`. Enables you to update the `ip_acl` the API client can access. `edit_switch_account`. Enables you to update the API client's option to manage many accounts. `lock`. Enables you to lock the API client. `unlock`. Enables you to unlock the API client. `transfer`. Enables you to transfer the API client to a new owner.
`active_credential_count`	The number of credentials active for the API client. When the count is `0`, you can delete the API client without interruption.
`allow_account_switch`	When `true`, the API client can manage more than one account.
`api_access`	The APIs the API client can access. Includes: `all_accessible_apis`. When `true`, the API client can access a full set of available APIs. `apis`. The set of APIs the API client can access. It returns each API's details when `all_accessible_apis` is set to `false`. Includes: `access_level`. The API client's access level defined on an API basis. Possible values: `READ-ONLY` `READ-WRITE` `CREDENTIAL-READ-ONLY` `CREDENTIAL-READ-WRITE` Note: `CREDENTIAL-READ-ONLY` and `CREDENTIAL-READ-WRITE` is returned only for the API Keys and Traffic Management API. `api_id`. The API's ID. To get this value, run the Allowed APIs data source. `api_name`. A descriptive, human-readable name for the API. `description`. A human-readable description for the API. `documentation_url`. A link to the API's documentation. `endpoint`. An endpoint from which the API can access resources.
`authorized_users`	The API client's valid users. To get the `username`, run the Authorized users data source.
`can_auto_create_credential`	When `true`, your API client can create credentials for a new API client. Defaults to `false` if not set. Note: Auto-creating credentials is available only if the API client is created for the same user as the actor API client.
`base_url`	The base URL for the service.
`access_token`	The part of the client secret that identifies your API client and lets you access applications and resources.
`credentials`	The API client's credentials. Each credential record includes: `credential_id`. The credential's ID. `description`. A human-readable description for the credential. `client_token`. The part of the credential that identifies the API client. `created_on`. The ISO 8601 timestamp indicating when the credential was created. `description`. A human-readable description for the credential. `expires_on`. The ISO 8601 timestamp indicating when the credential expires. The default expiration date is two years from the creation date. `status`. The credential's status, either `ACTIVE`, `INACTIVE`, or `DELETED`. `actions`. Actions available on the API client's credential. When set to `true`, you can perform a given action on the credential. `activate`. Enables you to activate the credential. `deactivate`. Enables you to deactivate the credential. `edit_description`. Enables you to modify your credential's description. `edit_expiration`. Enables you to modify the credential's expiration date. `delete`. Enables you to remove the credential.
`group_access`	The API client's group access. Includes: `clone_authorized_user_groups`. When `true`, the API client's group access is copied from the authorized user. `groups`. Groups the API client can access. Each group record includes: `group_id`. A group's ID. `group_name`. A descriptive, human-readable name for the group. `is_blocked`. When `true`, this blocks the API client's access to the group's child groups. `parent_group_id`. The parent group's ID within the group tree. `sub_groups`. Children of the parent group. Its nesting level is 50. `role_description`. A human-readable description for the role that conveys its use. `role_id`. A role's ID. `role_name`. A descriptive, human-readable name for the role.
`ip_acl`	The API client's IP list restriction. Includes: `enable`. When `true`, the API client can access the IP access control list (ACL). `cidr`. IP addresses or CIDR blocks the API client can access. These details are returned when `enable` is set to `true`.
`notification_emails`	Email addresses of users who get notified when credentials expire.
`purge_options`	Provides details of the API client's access to the Fast Purge API. Includes: `can_purge_by_cache_tag`. When `true`, the API client can purge content by cache tag. `can_purge_by_cp_code`. When `true`, the API client can purge content by CP code. `cp_code_access`. CP codes the API client can purge. Includes: `all_current_and_new_cp_codes`. When `true`, the API client can purge content by all current and new CP codes. `cp_codes`. CP codes the API client can purge. To get these values, run the List allowed CP codes operation from the Identity and Access Management API. Notes: The details of `purge_options` are returned if the `apis` argument includes an `api_name` of `CCU APIs` or the `all_accessible_apis` argument is set to `true`. The details of `cp_codes` aren't returned if the `all_current_and_new_cp_codes` argument is set to `true` or `clone_authorized_user_groups` is `false`.
`is_locked`	When `true`, the API client is locked.

Updated 3 months ago