Generating API Credentials

Only Users with the "Administrative" role can create and manage API Clients.

An API client is the collective name used to represent the credentials you need to access the APIs. These credentials comprise the Client ID which acts as an Identifier and the Client Secret which acts as an "API password" of sorts. Hence it is important to keep the Client Secret out of publicly accessible code, eg: your frontend code and public repositories.

You may create an API client from your eTrusted Control Centre by clicking on the Settings option as shown in illustration 1 above.

This should take you to the API Client Management Page. All existing API Clients are listed out on this page. To create a new one use the Create new client button as shown in illustration 2.
This will present you with a pop up asking for the following details:

  • Name: The name provided will help you identify and differentiate between API Clients within the Control Centre.

  • Identifier: This is a lot similar to the above Name field, the only difference being that the Identifier is used as part of the Client ID for the API Client.
    A prefix is automatically appended to your identifier in other to produce your Client ID.
    The end result will have the following format: <prefix>-<your identifier>.

  • Description: If you have multiple API Clients, it might be useful to add some description detailing what the API client is used for. This field is optional and can be left unfilled.

Before clicking on "save" to persist your new API client, you may toggle the enable client button to make it active.

Once saved you can view both your Client ID and Client Secret by clicking on the collapse button at the far right of your new API Client.

What next?

With your API credentials, the next thing to do is generate an access token through authentication. With this, you can begin making API calls.