Guides

Manage API credentials

Suggest Edits

πŸ”‘

Who can manage API credentials?

Only platform owners and platform admins can create and delete API credentials through the web app.

API credentials are essential for identifying and authenticating your application when requesting an access token. They consist of:

  • A client ID: A unique identifier for your application.
  • A client secret: A confidential key associated with the client ID. Keep this secure.

Together, these credentials secure communication between your application and the API, ensuring that unauthorized access is prevented.

πŸ’‘

Each company can have a maximum of 10 API credentials.

Create API credentials

  1. Log in β†— to your 360Learning account.
  2. In the left sidebar, click on the platform group (with the golden crown at the bottom right of its icon).
  3. At the top right of the main section, click Settings.
  4. In the left sidebar, click API v2.
  5. Click + Add API Credentials.
  6. In the dialog box, enter a Credentials label.
    • πŸ’‘ Use a descriptive label that reflects the specific integration or use case (e.g., "HR Integration - Payroll System" or "Marketing Analytics Sync"). This will help you quickly identify which credentials are associated with specific integrations.
    • ⚠️ Avoid generic labels like "API Keys" to prevent confusion when managing multiple credentials.
  7. Under Permissions, select the scopes you want your API credentials to have from the available company-level options. For more information, see Scopes and permissions.
    1. You can find the permissions required for each endpoint in the API reference.
    2. If a scope you need isn’t visible, it may not be enabled at the company level. Contact your CSP to change the list of scopes available at the company level, if necessary.
  8. Click Save.
  9. Click Copy client secret to copy your client secret to your clipboard. Make sure to store it in a safe place.
    ⚠️ The client secret is only visible once when the credentials are created.
  10. Copy the client ID.
    πŸ’‘ The client ID can be found on the API Credentials screen in the admin board after the credentials have been created. You can copy it at any time.
  11. Click Close.

Edit API credentials

  1. Log in β†— to your 360Learning account.
  2. In the left sidebar, click on the platform group (with the golden crown at the bottom right of its icon).
  3. At the top right of the main section, click Settings.
  4. In the left sidebar, click API v2.
  5. Next to the credentials you wish to edit, click the pen icon (Edit).
  6. In the dialog box, you can edit the Credentials label.
  7. Under Permissions, you can either:
    1. Select the permissions you want your API credentials to have from the available company-level options.
      1. You can find the permissions required for each endpoint in the API reference.
      2. If a scope you need isn’t visible, it may not be enabled at the company level. Contact your CSP to change the list of scopes available at the company level, if necessary.
    2. Click Set company's permissions to revert to the current company-level scopes.
  8. Click Save.

πŸ’‘

You don’t need to generate a new token when updating API credentials. Scopes changes take effect immediately, and existing tokens will reflect the updated permissions.

Delete API credentials

If API credentials are compromised or no longer needed, you can delete them. However, keep in mind that once deleted:

  • The API credentials can no longer be used to generate new access tokens.
  • Any existing access tokens created with those credentials will immediately stop working, even if they were generated before the credentials were deleted.
  • Any integrations relying on those credentials or access tokens will stop functioning.

To delete API credentials:

  1. In the left sidebar, click on the platform group (with the golden crown at the bottom right of its icon).
  2. At the top right of the main section, click Settings.
  3. In the left sidebar, click API v2.
  4. Next to the credentials you want to revoke, click the bin icon (Delete).
  5. When prompted, click Yes, delete.

❗️

Once API credentials are deleted, they cannot be recovered and are permanently removed.

Updated 6 days ago