Articles in this section

See more

API Management

Avatar
MemberClicks Engineering
Updated
Follow

What is it?

API Management is the administrative page for managing and configuring 3rd party API clients.  This page is only available to ASAs (Authorized Service Administrators).  When a 3rd party client wants to use the MC Professional API to interact with your data, you will need to create an API client.  The API client will be created with a unique client ID and client secret.

When configuring the API client, you will choose what grant types the 3rd party client are authorized to use.  The following are the available grant types:

  • Authorization Code
  • Implicit
  • Resource Owner Password Credentials
  • Client Credentials
  • Refresh Token

If the Authorization Code or Implicit grant type is enabled, you will need to configure the API client with at least one redirect URI.  These redirect URIs will be provided by the 3rd party client's developer implementing the integration with the API.

If the Client Credentials grant type is enabled, you will need to select which groups are assigned to this grant type.  The access token that is issued through the Client Credentials grant type will have the permissions of the selected groups.  Typically you would select your administrative group.

How to Access

Navigate to Settings > Account Settings and click on the "API Management" link.

Account_Settings_menu_item.png

api-2.png

API Client List

The main page of API Management displays the list of API clients configured for your organization and the client ID and client secret for each API client.  The client ID and client secret are what you would provide to the 3rd party client's developer.  This page also includes links to create, edit and delete clients, and regenerate the client secret.

api-3.png

Creating an API Client

To create a new API client, click the "Create API Client" button from the main API Management page.

api-4.png

Enter a name that describes this integration or the 3rd party client.

api-5.png

Once you click Create API Client, the API client will be created and you will be directed to the API client configuration page.

Configuring an API Client

The API client configuration page is displayed after initially creating an API client or when editing an existing API client.

To edit an exiting client, hover over the API client you want to modify and click the Edit button that appears.

api-6.png

Name, Client ID and Client Secret

The top-left section client of the configuration page displays the API client name, client ID and client secret. You can edit the name but the client ID and client secret are not editable.  If you need to regenerate the client secret, you can use the "Regenerate Secret" link from the main API Management page.

api-7.png

Selecting Scopes

Select the scopes that this API client is authorized to use. All API tokens will have read enabled. In order to make any updates through the API, the write permission must be selected.Screen_Shot_2020-04-17_at_1.15.53_PM.png


Selecting Authorized Grant Types

Select the grant types that this API client is authorized to use.  For a more detailed description of the grant types, see the the API Authorization page.

api-8.png

Configuring Redirect URIs

If you have enabled the Authorization Code or Implicit grant type, you will need to add at least one redirect URI.  Redirect URIs must be a properly formatted URI starting with "http://" or "https://".  Redirect URIs are provided by the 3rd party client's developer.

Adding a Redirect URI

To add a new redirect URI, enter the new URI in the box pictured below, then click the "Add a Redirect URI" button.

api-9.png

Editing a Redirect URI

To edit an existing redirect URI, hover over the URI you want to modify, then click the "Edit" button.

api-10.png

Deleting a Redirect URI

To delete an existing redirect URI, click the "Delete" link next to the redirect URI you want to delete. This button is pictured next to the Edit button in the above screenshot.

Selecting Groups

If you have enabled the Client Credentials grant type, select the groups that will be associated with the access token issued through this grant type.  The access token will have the cumulative permissions of all the groups that are selected.  Typically you would select your administrative group.

api-11.png

Deleting an API Client

To delete an existing API Client, click the "Delete" link next to the API client you want to delete and click the "Delete" button in the confirmation modal.  Once an API client is deleted, any 3rd party integrations using the old client ID will immediately stop working.

api-12.png

api-13.png

Regenerating the Client Secret

To regenerate the client secret for an exiting API client, click the "Regenerate Secret" link next to the API client and click "Save" in the confirmation modal.  Once the client secret has been regenerated, any 3rd party integrations using the old client secret will immediately stop working.  You will need to provide the new client secret to the 3rd party client's developer.

api-14.png

api-15.png

 

Related articles

Comments

0 comments

Please sign in to leave a comment.