API Clients
View, create, and delete API Clients
The commercetools platform depends on OAuth 2.0 for authorization. API clients can either be created in the Merchant Center, or with the API documented on this page. The API is especially useful for Infrastructure-as-Code tooling, as well as for frequently rotating your API secrets.
Due to the sensitive nature of this API, it can not be used with the manage_project:{projectKey} scope, but only with manage_api_clients:{projectKey}.
Once an API client has been created, it can not be changed. The secret is only visible in the response when creating the API Client.
Representations
APIClient
idString | Unique ID of the API client.
This is the OAuth2 |
createdAt | Date and time (UTC) the API Client was initially created. |
nameString | Name of the API Client. |
scopeString | Whitespace-separated list of OAuth scopes that can be used when obtaining an access token. |
secretString | Only shown once in the response of creating the API Client.
This is the OAuth2 |
lastUsedAtDate | Date of the last day this API Client was used to obtain an access token. |
deleteAt | If set, the client will be deleted on (or shortly after) this point in time. |
APIClientDraft
nameString | Name of the API Client. |
scopeString | Whitespace-separated list of OAuth scopes that can be used when obtaining an access token. |
deleteDaysAfterCreationInt | If set, the client will be deleted after the specified amount of days. |
ApiClientPagedQueryResponse
PagedQueryResult with results containing an array of APIClient.
limitInt | Number of results requested in the query request. |
offsetInt | Offset supplied by the client or server default. It is the number of elements skipped, not a page number. |
countInt | Actual number of results returned. |
totalInt | Total number of results matching the query.
This number is an estimation that is not strongly consistent.
This field is returned by default.
For improved performance, calculating this field can be deactivated by using the query parameter |
resultsArray of ApiClient | API Clients matching the query. |
Get API Client
view_api_clients:{projectKey}regionString | Region in which the Project is hosted. |
projectKeyString |
|
idString |
|
200ApiClient
curl -X GET https://api.{region}.commercetools.com/{projectKey}/api-clients/{id} -i \--header 'Authorization: Bearer ${BEARER_TOKEN}'
Query API Clients
view_api_clients:{projectKey}regionString | Region in which the Project is hosted. |
projectKeyString |
|
where | The parameter can be passed multiple times. |
/^var[.][a-zA-Z0-9]+$/Any string parameter matching this regular expression | Predicate parameter values. The parameter can be passed multiple times. |
sort | The parameter can be passed multiple times. |
expand | The parameter can be passed multiple times. |
limitInt | Number of results returned. |
offsetInt | Number of results skipped. |
withTotalBoolean | Calculate total number of results. |
curl -X GET https://api.{region}.commercetools.com/{projectKey}/api-clients -i \--header 'Authorization: Bearer ${BEARER_TOKEN}'
Create API Client
manage_api_clients:{projectKey}regionString | Region in which the Project is hosted. |
projectKeyString |
|
expand | The parameter can be passed multiple times. |
201ApiClient
curl -X POST https://api.{region}.commercetools.com/{projectKey}/api-clients -i \--header 'Authorization: Bearer ${BEARER_TOKEN}' \--header 'Content-Type: application/json' \--data-binary @- << DATA{"name" : "api-client-name","scope" : "view_products"}DATA
Delete API Client
manage_api_clients:{projectKey}regionString | Region in which the Project is hosted. |
projectKeyString |
|
idString |
|
200ApiClient
curl -X DELETE https://api.{region}.commercetools.com/{projectKey}/api-clients/{id} -i \--header 'Authorization: Bearer ${BEARER_TOKEN}'