Create API Client Credentials

12 Dec 2023
3 Minutes to read

Print
Dark
Light
PDF

Create API Client Credentials

Updated on 12 Dec 2023
3 Minutes to read

Print
Dark
Light
PDF

Article Summary

Share feedback

Thanks for sharing your feedback!

Post

/env-mgmt/1.0/api-key/clients

This API enables users to create Client Credentials associated to a Tenant or Environment.

Notice

Accessing the Policy Management APIs is through a dedicated domain/URL according to your PlainID Tenant Location:
https://api.{REGION}.plainid.io

United States (US) - https://api.us1.plainid.io
Canada (US) - https://api.ca1.plainid.io
Europe (US) - https://api.eu1.plainid.io

Replace{REGION} with your PlainID Tenant region (e.g. us1, eu1, ca1, etc.).

Security

Http

Type bearer

For more details about Management API Authentication, check out the Management APIs Authentication Article
Provide your bearer token in the Authorization header when making requests to protected resources.
Example: `Authorization: Bearer 123`

Body parameters

Environment Admin Sample

{
  "ownerId": "b0e1f961-2061-4f83-8392-b5aa19fed0c1,",
  "ownerType": "ENVIRONMENT,",
  "name": "Name21,",
  "description": "Name21 Description,",
  "tokenDuration": "PT1440M,",
  "permission": "ADMIN"
}

Environment Viewer Sample

{
  "ownerId": "b0e1f961-2061-4f83-8392-b5aa19fed0c1,",
  "ownerType": "ENVIRONMENT,",
  "name": "Name22,",
  "description": "Name22 Description,",
  "tokenDuration": "PT1440M,",
  "permission": "VIEWER"
}

object

ownerId

string (UUID) Required

Client Owner is the Environment ID. The Environment ID can be found under the Details tab in the Environment Settings. If this is for a Tenant Admin, input null or - in the ownerId field.

Valid values[ "EnvId", "null or -" ]

ownerType

string Required

Type of Client Owner.

Valid values[ "ENVIRONMENT", "TENANT" ]

name

string Required

API Client Credential Name

Valid values[ "Client name" ]

Max length100

description

string

API Client Credential Description

Max length200

tokenDuration

string (ISO-8601 duration) Required

Client Token Duration

Valid values[ "15-1440 minutes" ]

ExamplePT90M

permission

string Required

Client Access Permissions. When configuring Client Credentials for a Tenant, Permissions can be set to ADMIN only.

Valid values[ "ADMIN", "VIEWER" ]

Responses

201

Client Created Successfully

string

Copy and save this id to use as your Client ID.

ownerId

string (UUID)

ownerType

string

name

string

description

string

secret

string

Copy and save this secret to use as your Client Secret.

tokenDuration

string (ISO-8601 duration)

permission

string

400

Bad Request

client count limitation

{
  "id": {
    "type": "string",
    "example": "EW68XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "400"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "clientCountLimitation"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "Client count limitation exceeded"
    ]
  }
}

client already exists

{
  "id": {
    "type": "string",
    "example": "EW69XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "400"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "clientAlreadyExists"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "Client {name} already exists"
    ]
  }
}

Expand All

object

code

string

status

integer

name

string

message

string

args

object

path

string

403

Forbidden

forbidden environment

{
  "id": {
    "type": "string",
    "example": "EW65XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "403"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "forbiddenEnvironment"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "operation get for resource Environment {ownerId} is not allowed because the current user does not have the appropriate permissions"
    ]
  }
}

forbidden tenant

{
  "id": {
    "type": "string",
    "example": "EW66XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "403"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "forbiddenTenant"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "Operation GET for resource Tenant {tenantId} is not allowed because the current user does not have the appropriate permissions."
    ]
  }
}

Expand All

object

code

string

status

integer

name

string

message

string

args

object

path

string

404

NotFound

environment not found

{
  "code": {
    "type": "string",
    "enum": [
      "EVM-002"
    ]
  },
  "id": {
    "type": "string",
    "example": "EW67XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "404"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "environmentNotFoundError"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "envId: {ownerId} does not exist"
    ]
  }
}

Expand All

object

code

string

status

integer

name

string

message

string

args

object

path

string

422

unprocessable entity

unsupported owner type

{
  "id": {
    "type": "string",
    "example": "EW51XA",
    "description": "ID for Error Instance"
  },
  "status": {
    "enum": [
      "422"
    ]
  },
  "name": {
    "type": "string",
    "enum": [
      "UnsupportedOwnerType"
    ]
  },
  "message": {
    "type": "string",
    "enum": [
      "{ownerType} is not supported"
    ]
  }
}

Expand All

object

code

string

status

integer

name

string

message

string

args

object

path

string

Was this article helpful?

What's Next

List API Client Credentials