Create an API Client

Creates an API client with a random client ID and secret and assigns the given entitlements. The client is configured with the client_credentials grant type. You must perform a GET operation on the returned location header to get the generated client ID and secret.

The entitlements array can contain any combination of entitlements.

List of API Client entitlements:
EntitlementDescriptionOffering
manageDeploymentManage deploymentany
manageCertsManage certificatesany
readCertsRead certificatesany
manageAPIClientsManage API clientsany
readAPIClientsRead API clientsany
manageIdentitySourcesManage identity providersany
readIdentitySourcesRead identity providersany
manageMFAMethodsManage second-factor authentication method configurationCIC
readMFAMethodsRead second-factor authentication method configurationCIC
manageEnrollMFAMethodAnyUserManage second-factor authentication enrollment for all usersCIV
readEnrollMFAMethodAnyUserRead second-factor authentication enrollment for all usersCIV
authnAnyUserAuthenticate any userCIV
manageAuthenticatorsConfigManage authenticator configurationCIV
readAuthenticatorsConfigRead authenticator configurationCIV
manageAuthenticatorsAnyUserManage authenticator registrations for all usersCIV
readAuthenticatorsAnyUserRead authenticator registrations for all usersCIV
manageUserGroupsManage users and groupsany
readUserGroupsRead users and groupsany
manageAllUserGroupsSynchronize users and groupsany
manageUsersPwdResetManage users and their pwdReset attributeany
manageUserStandardGroupsManage users and standard groupsany
manageAdminGroupManage administrator groupany
readAdminGroupRead administrator groupany
managePwdPolicyManage password policyany
readPwdPolicyRead password policyany
AnalyticsDataSyncToCloudCIA
AnalyticsSatelliteOnBoardCIA
manageOIDCGrantsManage OAuth tokensany
readOIDCGrantsRead OAuth tokensany
recoverUsernameRecover user nameany
manageFederationsManage federations any
readFederationsRead federations any
resetPasswordReset password any
manageAppAccessAdminManage application lifecycleany
manageAppAccessOwnerManage application entitlementsany
manageSubscriptionsManage subscriptionsISC
manageAccessPoliciesManage access policiesany
readAccessPoliciesRead access policiesany
managePushCredsManage Push notification credentialsany
readPushCredsRead Push notification credentialsany
manageAccessRequestManage access requestCIG
manageAccessWorkflowManage access request work flowsCIG
manageOIDCConsentsManage OAuth consentsany
readOIDCConsentsRead OAuth consentsany
manageReportsManage reportsany. Exception: application usage reports can only be exported by CIC.
readReportsRead reportsany. Exception: application usage reports can only be accessed by CIC.
updateAnyUserUpdate any userany
resetPasswordAnyUserReset password of any userany
readTenantPropertiesRead tenant propertiesany
manageTenantPropertiesManage tenant propertiesany
manageAttributesManage attribute sourcesany
readAttributesRead attribute sourcesany
generateOTPGenerate OTPCIV
readAppConfigRead application configurationany
manageTemplatesManage templates and themesany
readTemplatesRead templates and themesany
reviewCertRecordsReview certification recordsCIG
readEntitlementsRead configurable entitlementsany
manageNotificationProvidersManage notification providersany
readNotificationProvidersRead notification providersany
manageCertificationsManage certificationsCIG
readExternalAgentsRead external agentsany
manageExternalAgentsManage external agentsany
runExternalAgentEnable external agent runtime functionsany
manageOidcDynamicClientManage OIDC client registration dynamicallyany
readPurposeRead privacy purposes and EULAany
managePurposeManage privacy purposes and EULAany
manageAppPurposeManage application privacy purposesany
readPrivacyConsentRead privacy consentsany
managePrivacyConsentManage privacy consentsany
readPrivacyPolicyRead privacy rules and policyany
managePrivacyPolicyManage privacy rules and policyany
createPrivacyConsentCreate privacy consent recordsany
performDSPRetrieve privacy purposes and associated user's consentany
performDUACheck for data usage approvalany
certCampaignSupervisorMonitor certification campaignsCIG
managePwdVaultAnyUserManage password vault for all usersCIC, CIV
managePwdVaultManage own password vaultCIC, CIV
readPwdVaultAnyUserRead password vault for all usersCIC, CIV
readPwdVaultRead own password vaultCIC, CIV
managePwdVaultConfigManage password vault configurationCIC, CIV
readPwdVaultConfigRead password vault configurationCIC, CIV
mfaPushSend second-factor push notificationsCIV
readPrivacyProfileRead privacy profilesany
managePrivacyProfileManage privacy profilesany
manageEntitlementsManage entitlementsany
manageDevicesAnyUserManage devices for all usersany
readDevicesAnyUserRead devices for all usersany
manageDevicesManage only your devicesany
readDevicesRead only your devicesany
manageRecaptchaManage reCAPTCHA configurationany
readRecaptchaRead reCAPTCHA configurationany
manageLoginSessionsManage login sessionsany
manageRelyingPartyManage relying party configurationany
readRelyingPartyRead relying party configurationany
manageWebhooksManage webhooks any
readWebhooksRead webhooks any
readSTSClientsRead STS clients and token typesany
manageSTSClientsManage STS clients and token typesany
manageVerifiableLinksManage verifiable links configurationany
readSelfOidcGrantsRead your OIDC and OAuth grantsany
manageSelfOidcGrantsManage your OIDC and OAuth grantsany
diManageAgencyManage Decentralized Identity Agency Configurationany
diReadAgencyRead Decentralized Identity Agency Configurationany
diManageAgentsAnyManage Decentralized Identity Agentsany
diReadAgentsAnyRead Decentralized Identity Agentsany
manageMyOrgManage my organizationCIG
diIssueCredentialsIssue Decentralized Identity Verifiable CredentialsCIV
diVerifyCredentialsVerify Decentralized Identity Verifiable CredentialsCIV


Entitlements required: manageAPIClients (Manage API clients)

Language
URL