Only Users with the "Administrative" role can create and manage API Clients.
An API client is the collective name used to represent the credentials you need to access the APIs. These credentials comprise the
Client ID which acts as an Identifier and the
Client Secret which acts as an "API password" of sorts. Hence it is important to keep the
Client Secret out of publicly accessible code, eg: your frontend code and public repositories.
You may create an API client from your eTrusted Control Centre by clicking on the Settings option as shown in illustration 1 above.
This should take you to the API Client Management Page. All existing API Clients are listed out on this page. To create a new one use the
Create new client button as shown in illustration 2.
This will present you with a pop up asking for the following details:
Name: The name provided will help you identify and differentiate between API Clients within the Control Centre.
Identifier: This is a lot similar to the above Name field, the only difference being that the Identifier is used as part of the
Client IDfor the API Client. A prefix is automatically appended to your identifier in other to produce your
Client ID. The end result will have the following format:
Description: If you have multiple API Clients, it might be useful to add some description detailing what the API client is used for. This field is optional and can be left unfilled.
Before clicking on "save" to persist your new API client, you may toggle the
enable client button to make it active.
Once saved you can view both your
Client ID and
Client Secret by clicking on the collapse button at the far right of your new API Client.
With your API credentials, the next thing to do is generate an
access token through authentication. With this, you can begin making API calls.