Create API Client Credentials

Prev Next
Post
/env-mgmt/1.0/api-key/clients

This API enables users to create Client Credentials associated to a Tenant or Environment.

Notice

Accessing the Policy Management APIs is through a dedicated domain/URL according to your PlainID Tenant Location:
https://api.{REGION}.plainid.io

United States (US) - https://api.us1.plainid.io
Canada (US) - https://api.ca1.plainid.io
Europe (US) - https://api.eu1.plainid.io

Replace{REGION} with your PlainID Tenant region (e.g. us1, eu1, ca1, etc.).

Important note about headers

Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.

Headers

*Required
Header Value cURL Line
Accept`application/json` `-H"Accept: application/json"`
Content-Type`application/json` `-H"Content-Type: application/json"`

cURL Sample Guidelines

In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right. They will then appear in the cURL sample on the bottom of the page in the correct format.


Using HTML Encoded Special Characters

Use HTML encoded patterns when working with values that contain special characters like spaces, dashes, etc. Refer to this HTML URL Encoding Reference for a full list.


Security
HTTP
Type bearer

For more details about Administration API Authentication, check out the Authentication APIs documentation. Provide your bearer token in the Authorization header when making requests to protected resources. Example: Authorization: Bearer 123

Body parameters
Environment Admin Sample
{
  "ownerId": "b0e1f961-2061-4f83-8392-b5aa19fed0c1",
  "ownerType": "ENVIRONMENT",
  "name": "Name21",
  "description": "Name21 Description",
  "tokenDuration": "PT1440M",
  "permission": "ADMIN"
}
Environment Viewer Sample
{
  "ownerId": "b0e1f961-2061-4f83-8392-b5aa19fed0c1",
  "ownerType": "ENVIRONMENT",
  "name": "Name22",
  "description": "Name22 Description",
  "tokenDuration": "PT1440M",
  "permission": "VIEWER"
}
Tenant Admin Sample
{
  "ownerId": null,
  "ownerType": "TENANT",
  "name": "Name23",
  "description": "Name23 Description",
  "tokenDuration": "PT1440M",
  "permission": "ADMIN"
}
object
ownerId
string (UUID) | null Required

Client Owner is the Environment ID. The Environment ID can be found under the Details tab in the Environment Settings. If this is for a Tenant Admin, input null or - in the ownerId field.

ownerType
string Required

Type of Client Owner.

Valid values[ "ENVIRONMENT", "TENANT" ]
name
string Required

API Client Credential Name

Max length100
description
string

API Client Credential Description

Max length200
tokenDuration
string (ISO-8601 duration) Required

Client Token Duration

ExamplePT90M
permission
string Required

Client Access Permissions. When configuring Client Credentials for a Tenant, Permissions can be set to ADMIN only.

Valid values[ "ADMIN", "VIEWER" ]
Responses
201

Client Created Successfully

object
id
string

Copy and save this id to use as your Client ID.

ownerId
string (UUID)
ownerType
string
name
string
description
string
secret
string

Copy and save this secret to use as your Client Secret.

tokenDuration
string (ISO-8601 duration)
permission
string
400

Bad Request

client count limitation
{
  "id": "EW68XA",
  "status": 400,
  "name": "clientCountLimitation",
  "message": "Client count limitation exceeded"
}
client already exists
{
  "id": "EW69XA",
  "status": 400,
  "name": "clientAlreadyExists",
  "message": "Client {name} already exists"
}
Expand All
object
code
string
id
string
status
integer
name
string
message
string
args
object
path
string
403

Forbidden

forbidden environment
{
  "id": "EW65XA",
  "status": 403,
  "name": "forbiddenEnvironment",
  "message": "operation get for resource Environment {ownerId} is not allowed because the current user does not have the appropriate permissions"
}
forbidden tenant
{
  "id": "EW66XA",
  "status": 403,
  "name": "forbiddenTenant",
  "message": "Operation GET for resource Tenant {tenantId} is not allowed because the current user does not have the appropriate permissions."
}
Expand All
object
code
string
id
string
status
integer
name
string
message
string
args
object
path
string
404

NotFound

environment not found
{
  "code": "EVM-002",
  "id": "EW67XA",
  "status": 404,
  "name": "environmentNotFoundError",
  "message": "envId: {ownerId} does not exist"
}
Expand All
object
code
string
id
string
status
integer
name
string
message
string
args
object
path
string
422

unprocessable entity

unsupported owner type
{
  "id": "EW51XA",
  "status": 422,
  "name": "UnsupportedOwnerType",
  "message": "{ownerType} is not supported"
}
Expand All
object
code
string
id
string
status
integer
name
string
message
string
args
object
path
string