List Your API Clients

Endpoint URL: {identityDomain} /config/{appId} /clients

Description

Returns permission and metadata information for all your API clients, including:

_self. Configuration endpoint for the API client. For example, suppose your configuration domain is https://v1.api.us.janrain.com/and the _self value for a client is /config/htb8fuhxnf8e38jrzub3c7pfrr/clients/xj2dmg2mqsm6a8gx89cwn3fu929p4pd. Combining those two values gives you the configuration endpoint for managing that client (adding/modifying property values, deleting the client, etc.):

https://v1.api.us.janrain.com/config/htb8fuhxnf8e38jrzub3c7pfrr/clients/xj2dmg2mqsm6a8gx89cwn3fu929p4pdm
_id.The API client ID.
_secret. The API client secret (i.e., client password). Client secrets should never be publicly exposed.
_settings. Configuration endpoint for the API client's settings,
name. Name (and description) of the API client.
ipWhitelist. Collection of IP addresses allowed to interact with the client; for example, the address 192.168.1.0/24 allows access to IP addresses 192.168.10 through 192.168.1.255. The default value is 0.0.0.0/0, which allows access to all IP addresses.
features. Client features sets associated with this API client. Clients can be associated with more than one feature set.

Your API call must have the owner client permission in order to return all client data. Note that API clients make authenticated requests against the Identity Cloud REST APIs, and clients with the login_client feature set help authenticate and register users.

URI Parameters

Parameter Type Required Description

has_feature

string

Parameter	Type	Required	Description
has_feature	string		Enables you to return only those API clients who have the specified feature sets. Each filter set that you want to filter on is passed in a has_feature parameter; for example, this syntax returns only API clients that have the login_client feature set: `has_feature=login_client` This syntax returns all the API clients that have both the direct_access and the access_issuer feature sets: `has_feature=direct_access&has_feature=access_issuer`

Enables you to return only those API clients who have the specified feature sets. Each filter set that you want to filter on is passed in a has_feature parameter; for example, this syntax returns only API clients that have the login_client feature set:


has_feature=login_client

This syntax returns all the API clients that have both the direct_access and the access_issuer feature sets:


has_feature=direct_access&has_feature=access_issuer

API Client Permissions

The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:

owner	access_issuer	direct_access	direct_read_access	login_client
Yes	No	No	No	No

Authentication

This endpoint supports Basic authentication.

How to Create an Authentication String

Base URL

The base URL for this endpoint is your Configuration API domain followed by /config/ followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr, then your base URL would be:


https://v1.api.us.janrain.com/config/htb8fuhxnf8e38jrzub3c7pfrr

Allowed regions are:

Sample Request URL

In the following URL, replace htb8fuhxnf8e38jrzub3c7pfrrwith your application ID:


https://v1.api.us.janrain.com/config/htb8fuhxnf8e38jrzub3c7pfrr/clients

Sample Request (curl)

This command returns information about all the API clients associated with the application htb8fuhxnf8e38jrzub3c7pfrr.


curl -X GET \
  -H 'Authorization: Basic c2dueXZ1czZwYzRqbTdraHIybmVxNWdzODlnYnIyZXE6d3Q0YzN1bjl3a2tjZnZ5a25xeDQ0eW5jNDc2YWZzNjg' \
  https://v1.api.us.janrain.com/config/htb8fuhxnf8e38jrzub3c7pfrr/clients

Running this command in Postman

Responses

200 OK

If your call to this endpoint succeeds, you'll get back information for each of the API clients associated with the specified application:


[
    {
       "_id": "ay6e3qmucvdyr29hmpvxjdjupe8bcsky",
       "_secret": "9956y4tv342e76nj9zub511ufbned98j",
       "_self": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/ay6e3qmucvdyr29hmpvxjdjupe8bcsky",
       "_settings": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/ay6e3qmucvdyr29hmpvxjdjupe8bcsky/settings",
       "features": [
           "owner"
       ],
       "ipWhitelist": [
           "0.0.0.0/0"
       ],
       "name": "this is a test client"
    },
    {
       "_id": "ed7absqep5rffbmqx89c9mwexqvbnfnk",
       "_secret": "hdyebsdtvj5ujjkijk7tfrf968q63ysk9",
       "_self": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/ed7absqep5rffbmqx89c9mwexqvbnfnk",
       "_settings": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/ed7absqep5rffbmqx89c9mwexqvbnfnk/settings",
       "features": [
           "login_client"
       ],
       "ipWhitelist": [
           "0.0.0.0/0"
       ],
       "name": "Default Login Client"
    },
    {
       "_id": "nhjsdtjwvaytevc2w5sx42skggvjn7bu",
       "_secret": "99ijf7ree8vcgrdq3qpppo3cddykjhs",
       "_self": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/nhjsdtjwvaytevc2w5sx42skggvjn7bu",
       "_settings": "/config/73jzx34tnr5ruhsze494ssgz2b/clients/nhjsdtjwvaytevc2w5sx42skggvjn7bu/settings",
       "features": [
           "login_client"
       ],
       "ipWhitelist": [
           "0.0.0.0/0"
        ],
       "name": "This is a client description"
    }
]

Error Codes

The following table includes information about some of the error codes that you could encounter when calling this endpoint.

Error Code	Description
401/403	Error Message: Authentication required. You either failed to provide credentials or provided invalid credentials. This endpoint requires Basic authentication.
404	Error Message: Client ID not found. You did not provide a valid client ID.

Error Code

Description

401/403

Error Message: Authentication required.

You either failed to provide credentials or provided invalid credentials. This endpoint requires Basic authentication.

404

Error Message: Client ID not found.

You did not provide a valid client ID.

If you encounter an error when calling this endpoint, that error message will look similar to this:


{
    "errors": "client_id 2mr44db437h9vqddb6ubje7zqwv88n26 not found."
}

How to Create an Authentication String

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. For example, on a Mac, you can base encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A=) should be used in your authentication header.

If you are making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password.

Before you actually try your authentication string, make sure that your API client has the all the permissions (for example, the right to read user profile information) needed to complete the API call.

Endpoint URL: {identityDomain} /config/{appId} /clients

Description

URI Parameters

API Client Permissions

Authentication

Base URL

Sample Request URL

Sample Request (curl)

Responses

Error Codes

Running this Command in Postman

How to Create an Authentication String

Rate this Article