User Management Users
PLEASE NOTE: These instructions are specifically for the new User Management interface.
If you’d like to discuss upgrading to the new User Management interface, you can chat with one of our agents below or send an email to support@zerionsoftware.com and someone will reach out to you ASAP.
Table of Contents
- How do I give access to API Apps?
- How do I create an API App with API Admin access?
- How do I create an Access Token?
How do I give access to API Apps?
To give API Admin access to a user (or yourself) in the User Management interface, please follow the instructions below.
PLEASE NOTE: You must be a Server or Company Admin to give access to yourself and others.
STEP 1. From the Admin Portal, click the Mega Menu and select User Management.
STEP 2. Search for the user you wish to edit. You can search using the following fields:
- Username
- First Name
- Last Name
STEP 3. Click the "eye" icon for the user you'll be editing.
STEP 4. Click Edit to update the user's policy permissions.
STEP 5. Click Assign Policies on the bottom right OR the Policies circle icon to move to the Policies page.
STEP 6. Click the checkbox next to Api Admin to assign this access to the user. Then click Review and Save if no other updates are needed.
STEP 7. Review your changes and click Save.
How do I create an API App with API Admin access?
Once the API Admin policy is assigned to the username, follow the instructions below to view this feature and create API Apps.
STEP 1. From the Admin Portal, click the Mega Menu and select My Profile. You can also go to User Management, find your username and click on the "eye" icon.
STEP 2. Under the default tab, Assigned Policies, API Admin is listed (again, only after you assign the policy to the username). Click on the API Apps tab.
PLEASE NOTE: If you do not see the API Apps tab, you will need to log out and log back in.
STEP 3. Click the plus sign button to create an API App.
STEP 4. The New User API Access pop-up will appear. Type in the name of the API App, a description (optional) and the Authentication type.
Authentication Types:
- JWT: A JWT, or JSON Web Token, is a JSON-based open standard (RFC 7519) for creating access tokens that assert some number of claims in a JSON document that is then signed. JWTs can be used as OAuth 2.0 Bearer Tokens to encode all relevant parts of an access token into the access token itself instead of having to store them in a database.
- Password: The Password grant type is a way to exchange a user's credentials for an access token. Because the client application has to collect the user's password and send it to the authorization server, it is not recommended that this grant be used at all anymore.
  - This option can be selected once JWT is deselected.
- Authentication Code: The Authorization Code grant type is used by confidential and public clients to exchange an authorization code for an access token. After the user returns to the client via the redirect URL, the application will get the authorization code from the URL and use it to request an access token. If Authentication Code is selected, another option will appear called Refresh Token.
  - This option can be selected once JWT is deselected.
- Refresh Token: A Refresh Token is a string that the OAuth client (either Password or Authentication Code) can use to get a new access token without the user's interaction.
  - This option can be selected once Authorization Code is selected.
As stated above, if Authentication Code is selected, the Refresh Token option will appear:
Redirect Uri: The application will get the Authorization Code from this Redirect URL and use it to request an access token.
STEP 5. Click Create once you are done creating the API App.
STEP 6. The Client Key and Client Secret will appear next. You can click Download to create a text file of this information.
STEP 7. Under the API Apps tab, you will see the API App you created.
STEP 8. You can also Edit or Delete the API access by hovering over the row.
How do I create an Access Token?
To use these newly created API keys for iForm API calls, you need an access token. You can get one through the User Management user interface, as seen in Step 6 above, or in one of the following ways:
Password Flow:
The request URL must be https://identity.zerionsoftware.com/oauth2/token, with these fields in the request body:
- grant_type: password
- client_id:
- client_secret:
- username:
- password:
- server_id: app or <your_server_name>
JWT Flow:
The request URL must be https://identity.zerionsoftware.com/oauth2/token, with these fields in the request body:
- grant_type: urn:ietf:params:oauth:grant-type:jwt-bearer
- assertion: <JWT_token_here>
Learn more here on how to create a JWT token
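The JWT Flow request above, as an added example that is not Zerion's own code: it builds a short-lived signed assertion, shows the signature, algorithm and expiry checks that make it trustworthy, and form-encodes the request body. The claim set (iss set to the Client Key, aud set to the token URL, iat, exp), HS256 signing with the Client Secret, and all function names are assumptions; confirm the required claims in the linked JWT article.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlencode

TOKEN_URL = "https://identity.zerionsoftware.com/oauth2/token"  # from the page
GRANT = "urn:ietf:params:oauth:grant-type:jwt-bearer"           # from the page

def b64url(data: bytes) -> str:
    """Unpadded base64url, as used for JWT segments (RFC 7515)."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, secret: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode("ascii"), hashlib.sha256).digest()

def make_assertion(client_key, client_secret, now=None, lifetime=300):
    """Build a short-lived HS256 JWT. The claim set is an assumption, see lead-in."""
    now = int(time.time()) if now is None else int(now)
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": client_key, "aud": TOKEN_URL, "iat": now, "exp": now + lifetime}
    segments = [b64url(json.dumps(part, separators=(",", ":")).encode())
                for part in (header, claims)]
    signing_input = ".".join(segments)
    return signing_input + "." + b64url(sign(signing_input, client_secret))

def verify_assertion(token, client_secret, now=None):
    """Return the claims if signature, algorithm and expiry check out, else None."""
    now = int(time.time()) if now is None else int(now)
    try:
        head, body, sig = token.split(".")
        expected = sign(head + "." + body, client_secret)
        if not hmac.compare_digest(b64url_decode(sig), expected):
            return None  # any change to header or claims breaks the signature
        header, claims = json.loads(b64url_decode(head)), json.loads(b64url_decode(body))
    except ValueError:  # wrong segment count, bad base64, bad JSON
        return None
    if not isinstance(header, dict) or header.get("alg") != "HS256":  # pin the algorithm
        return None
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int):
        return None
    return claims if now < claims["exp"] else None

def jwt_bearer_body(assertion: str) -> str:
    """Form-encoded body for the POST to TOKEN_URL."""
    return urlencode({"grant_type": GRANT, "assertion": assertion})
```

Keep the Client Secret out of source control and keep the assertion lifetime short, since anyone holding a valid assertion can exchange it for an access token until it expires.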
Authorization Code Flow
The Authorization Code (aka OAuth 2.0) grant type is used by confidential and public client side applications to exchange an authorization code for an access token. After the user returns to the client via the redirect URL, the application will get the authorization code from the redirect URL and use it to request an access token.
You may find this information useful while creating an OAuth 2.0 connection.
OAuth2 Authorize Endpoint: https://identity.zerionsoftware.com/oauth2/authenticate
OAuth2 Token Endpoint: https://identity.zerionsoftware.com/oauth2/token
Learn how to use DFA to create an iFormBuilder Oauth2.0 connection
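The Authorization Code exchange described above, as an added example that is not Zerion's own code: it builds the authorize URL with a per-login state value, validates the redirect back to the client before trusting the code, and form-encodes the token request. The parameter names follow RFC 6749 and are assumed to be what the Zerion endpoints accept; the function names and the client.example redirect URI used to exercise it are hypothetical.

```python
import hmac, secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://identity.zerionsoftware.com/oauth2/authenticate"  # from the page
TOKEN_URL = "https://identity.zerionsoftware.com/oauth2/token"             # from the page

def start_login(client_id, redirect_uri):
    """Return (URL to send the user to, state to store in the user's session)."""
    state = secrets.token_urlsafe(32)  # unguessable, binds the callback to this session
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "state": state})
    return AUTHORIZE_URL + "?" + query, state

def handle_callback(callback_url, expected_state, redirect_uri):
    """Validate the redirect back to the client and return the authorization code."""
    got, registered = urlsplit(callback_url), urlsplit(redirect_uri)
    if (got.scheme, got.netloc, got.path) != (registered.scheme, registered.netloc, registered.path):
        raise ValueError("callback is not on the registered Redirect Uri")
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError("authorization server returned error: " + params["error"][0])
    state = params.get("state", [])
    if len(state) != 1 or not hmac.compare_digest(state[0].encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this login")
    code = params.get("code", [])
    if len(code) != 1:
        raise ValueError("expected exactly one code parameter")
    return code[0]

def code_exchange_body(code, client_id, client_secret, redirect_uri):
    """Form-encoded body for the POST to TOKEN_URL (RFC 6749 section 4.1.3)."""
    return urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri, "client_id": client_id,
                      "client_secret": client_secret})
```

Store the state server-side with the user's session and discard it after one use, so a replayed or cross-site callback is rejected before the code is ever sent to the token endpoint.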