To create API credentials, it is mandatory for the user to hold either the Super Admin or Admin role within the Clazar platform, ensuring appropriate authorization for the generation of these credentials.
- Log in to the Clazar Platform using your account.
- Go to the Settings section of the platform.
- In the Integration section, find and click on API Access to proceed with creating new API credentials.
- Click on the Create API Credentials button. This will generate a new application with a unique Client ID and Client Secret.
Please remember that the Client Secret is only visible at the time it is generated. It is highly important to securely save the Client Secret at this point to ensure its availability for future use.
- After creating the API credentials, you will be able to see your newly generated Client ID and Client Secret on the page. These credentials are now ready to be used for authenticating your application.
The Client Secret is a confidential piece of information that should only be used to authenticate your application and make requests to Clazar's APIs. It is crucial to keep the Client Secret private and avoid exposing it.
To rotate the Client Secret for your API credentials, please follow these steps:
- On the API Access page, you can find the "Rotate Client Secret" button. Clicking on it will trigger the rotation process, generating a new Client Secret exclusively for your API credentials.
Please note that once the rotation process is initiated, the current Client Secret will become irretrievable. It is crucial to be aware that any clients depending on the previous secret will no longer function correctly. To ensure uninterrupted operation, it is imperative to promptly update your application's configuration with the new Client Secret.
- Once the client secret rotation process is completed, you will find the newly generated Client ID and Client Secret displayed on the page. These credentials are now ready to be used for authenticating your application effectively.
Good to know
Rotating the client secret periodically enhances security by mitigating the risk of unauthorized access and reducing the exposure window for potential attacks.
- On the API Access page, you can find the "Delete" button.
- Click on the "Delete" button to initiate the deletion process.
You need to Know
Deleting the API credentials will render the associated Client Secret irrecoverable.
It is important to exercise caution when deleting API credentials, as this action cannot be undone, and it may impact the functionality of any applications or systems relying on those credentials.
Updated 8 months ago