...
WMDA IT team creates applications for your organisation and provides the API Credentials (client_id and client_secret) needed to connect to WMDA APIs. Each application has a client_id (which is permanent) and requires client secrets to authenticate.
...
| Info |
|---|
To authenticate with WMDA APIs, a bearer token must be requested from the WMDA. For details on how client_id and client_secret are used to retrieve bearer tokens and authenticate future requests to the WMDA API, see API authentication. |
Client_id
- Is created Created by the WMDA and shared with your organisation.
- Identifies your application connection to the WMDA APIs.
- Permanent - it does not expire and cannot be changed.
- Is permanent and does not change.
...
- A confidential credential linked to a specific client_id.
- Acts like a temporary password for machine-to-machine authentication.
- Required for connecting to when requesting a bearer token to connect to the WMDA APIs.
- Expires after a set period. A new secret replacement must be generated created and used.
- Can be managed by your organisation in the Self Service API Credentials Portal (see 4. Managing your client secrets below).
| Warning |
|---|
Client_id stays the same permanently. It does not expire and does not need to be replaced. Client_secrets expire after a set period. When the client_secret expires, API connections will stop working until a new secret is created and updated in your systems. To avoid interruptions, always rotate the secret before it expires. See 5. Email Notifications About Expiring Client Secrets below |
...