Creating and Editing API Clients

To create or edit an APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client, go to Administration > API Services > API Clients and either click the Edit link for an APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client in the list, or click the Create API client link in the upper-right corner. The Edit API Client or Create API Client form opens. The procedure is the same for both forms.

Figure 1  The Create API Client Form

Create API Client

Field

Description

Client ID

(Required) Name for the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client. Enter a unique string.
(Use this value in the OAuth2 client_id parameter)

Description

Additional information or comments about the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client.

Enabled

If selected, enables the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client.

Operating Mode

(Required) Specifies the operating mode for the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client. Options include:

ClearPass REST API - Client will be used for API calls to ClearPass — To define an APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client for accessing the RESTRepresentational State Transfer. REST is a simple and stateless architecture that the web services use for providing interoperability between computer systems on the Internet. In a RESTful web service, requests made to the URI of a resource will elicit a response that may be in XML, HTML, JSON or some other defined format. APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software.

OAuth 2.0 Authorization Server - ClearPass will be used as an identity provider — To use ClearPass as an identity provider (IdP) for an OAuthOpen Standard for Authorization. OAuth is a token-based authorization standard that allows websites or third-party applications to access user information, without exposing the user credentials. 2.0 password grant flow

Operator Profile

(Required) Specifies the role that can access this APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client, and determines which APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. objects and methods are available. This option is not available if OAuth 2.0 Authorizaton Server is selected as the mode. Options include:

API Guest Operator

BYOD Operator

Device Registration

Help Desk

Network Administrator

Null Profile

Operations and Marketing

Read-only Administrator

Receptionist

Super Administrator

Grant Type

(Required) Specifies the OAuth2 grant type authentication method to be used with this APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client ID. Only the selected authentication method will be allowed. Options include:

Client credentials (grant_type=client_credentials)

Username and password credentials (grant_type=password)

Public Client

If selected, the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client will be a public (trusted) client, and will not require a client secret.

Refresh Token

If selected, an OAuth2 refresh token may be used to obtain an updated access token.
(Use grant_type=refresh_token)

Client Secret

If a client secret is required, it is displayed in this field. Record this value for reference. When the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client is created, this value is encrypted and cannot be displayed again. When you edit an existing APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client, this field includes the option to generate and display a new secret.
(Use this value in the OAuth2 client_secret parameter)

Access Token Lifetime

Specifies the lifetime of the OAuth2 access token. Enter a number in the first text field, and use the drop-down list to indicate the unit of time. Options include:

seconds

minutes

hours

days

weeks

Refresh Token Lifetime

Specifies the lifetime of the OAuth2 refresh token, if one was specified. Enter a number in the first text field, and use the drop-down list to indicate the unit of time. Options include:

seconds

minutes

hours

days

weeks

Create API Client

Creates the APIApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. client. It is included in the API Clients list view.