Create an API Client

Endpoint URL: {registrationDomain} /clients/add


Creates a new API client. This endpoint accepts the following methods:

  • POST


POST

Add a new client to Registration. Once created, your new client will have access to the API, and if applicable, the UI. Default clients have no permissions, so you need to configure them in the dashboard, unless you add permissions using the features parameter.

The client_id and client_secret are generated by the Identity Cloud and included in the API response. This API call may only be made by the owner client.

Optionally, you may set the features for the client at the time of creation. The features that you can add are:

  • owner — Complete admin access.
  • access_issuer — Can issue access tokens for other clients.
  • direct_read_access — Has read access to all records.
  • direct_access — Has read and write access to all records.
  • login_client — This client has permission to use login and registration-based API endpoints.

For more information on these features, see the API Clients and Permissions topic.

API Client Permissions

The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:

owner
access_issuer
direct_access
direct_read_access
login_client
Yes
No
No
No
No


Authentication

This endpoint supports Basic authentication. 

How to Create an Authentication String


Base URL

The base URL for this endpoint is your Identity Cloud Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:

Examples

Example Request

This command creates an API client that has the direct_read_access feature. This gives the client read-only access to user records.


curl -X POST \
  -H "Authorization: Basic c2dueXZ1czZwYzRqbTdraHIybmVxNWdzODlnYnIyZXE6d3Q0YzN1bjl3a2tjZnZ5a25xeDQ0eW5jNDc2YWZzNjg=" \
  --data-urlencode description='Client with direct read access'\
  --data-urlencode features='["direct_read_access"]' \
  https://my-app.janraincapture.com/clients/add
    

      Running this command in Postman

Authorized Clients

  • owner

Security

  •  janrain-signed
  •  basic-auth

Query Parameters

ParameterTypeRequiredDescription
descriptionstringYesString description of the client.
 
featuresstring
A JSON array of client features. If not included, the client will be created but will not have any features.
 

Responses

200 OK

Example Error Response


{
  "argument_name": "features",
  "request_id": "b83954jrg5hmc9kr",
  "code": 200,
  "error_description": "features was not valid for the following reason: superuser_owner is not a valid feature name",
  "error": "invalid_argument",
  "stat": "error"
}
    

Response Example (application/json)


{
  "features": [
    "direct_read_access"
  ],
  "description": "\"Client with direct read access\"",
  "client_id": "12345abcde12345abcde",
  "client_secret": "edcba54321edcba54321",
  "stat": "ok"
}
    

right to read user profile information) needed to complete the API call.