Guide

API Credentials

Suggest Edits

The API Credentials feature of Aurora allows for creation of the OAuth API client ID & secret, required to allow login and access to the v2 Aurora APIs.

This article will take you through the key concepts and workflows associated with managing API Credentials in Aurora.

📘

General Note

You should create a new client ID / secret pair for each system that will be connecting to the Aurora v2 APIs; these must not be shared between API clients.

Navigating to the API Credentials Area

Firstly ensure that you are logged into the Aurora backend, then navigate to the API Credentials area via Stores > API Credentials via main navigation bar:

API Credentials Listing

The first thing you will see when you navigate to the API Credentials area is the listing of previously created credentials which will look like this:

On this screen you will see the Client ID generated by the system as well as the description provided on creation.

Creating API Credentials

From the listing screen click on the Add API Credentials button, this will take you to the create API Credentials screen:

From here you must:

  • Enter a description of 5 characters or more
  • Specify at least one IP address or CIDR block (e.g. 192.168.0.1 or 10.0.0.1/16). You may also check the "Allow access from anywhere" checkbox which will will automatically enter a CIDR block that grants access from any IP address.
  • Select at least one scope to grant access too.

With those details entered you may now click the Add API Credentials button at the bottom of the screen to create the credentials. When all the required details were correctly entered you will then be presented with a confirmation screen that looks like this:

🚧

Warning!

Please ensure that you make a copy of the generated Client ID and Client secret and store these in a secure location. For security reasons, once you navigate away from this screen you will not be able to retrieve the Client Secret from Aurora.

Editing API Credentials

You can select API Credentials for editing by clicking on the edit button from the main listing screen. You may edit any of the fields that were entered during creation of API credentials and then save the record via the Edit API Credentials button.

Deleting API Credentials

You may delete API Credentials by clicking on the delete button from the main listing screen. You will be prompted to confirm that you wish to delete them, please take care to verify that this is indeed an action you wish to complete - deleted API Credentials cannot be recovered.

Updated almost 2 years ago