# API clients and access profiles

Clients are logical groups of users, such as members from the same organization, who receive access to one or more API collections through an access profile. A client can have one or more access profiles, which specify the collection, authentication method, access policy, and IP addresses on the allowlist.

# API clients

Navigate to API platform > Clients. Here, API owners can manage and create new API clients.

API platform client tab API platform client tab

# Create new client


Select New client.

Add new client Add new client


Fill in the following fields:

  • Name

  • Enter a descriptive name for the client.

  • Description (optional)

  • Enter a note for the client.

  • Client logo (optional)

  • Select a .jpg or .png file to upload a logo.

  • Project

  • Select a project. Only members with access to this project are able to see the client.

Configure fields for a new client Configure fields for a new client


Select Add client.

Next, create an access profile.

# Access profiles

Every client has one or more access profiles that are associated with API collections. An access profile gives a client access to one or more API recipe collections and/or API proxy collections.

We recommend that API owners create a unique access profile for each API consumer. This allows you as the API owner to delegate access to specific API collections and impose access policies. Furthermore, it allows you to generate usage information about how API consumers are using your API endpoints.


An API consumer can be a person, script, or automated program.

To view a client's access profiles and create new profiles, navigate to API platform > Clients and select a client. The following screenshot contains an example of a client (ACME Company) with one access profile (also called ACME Company).

API client with access profile API client with access profile

# Access profile fields

A unique API key is generated for each client in the Auth Token field. This token is a long string of characters. It must be supplied to the client so that the client can connect to the API. Treat this API key as confidential information; it should be known only to the API owner and the client.

An API key can be revoked, and a new one issued, by clicking the Refresh button next to the token.

A client can be Active or Inactive. An inactive client cannot call any APIs. Click the toggle to set the client's status to Active and enable the client to call APIs.

# Create new access profile


  1. Configure an API collection
  2. (Optional) Create an access policy
  3. Create a client

Navigate to API platform > Clients and select the new client.


Select Create new access profile.

Create new access profile Create new access profile


Fill in the following fields:

  • Profile name

  • Enter a descriptive name for the access profile.

  • API collections to include

  • Select one or more collections. You can send requests to endpoints in these collections using your access profile.

  • Authentication method

  • This can be an Auth token, an OAuth 2.0 access token, a JSON web token (JWT), or OpenID Connect.

  • Policy (optional)

  • Select a policy that will govern access to API collections included in this profile.

  • Allowed IPs

  • Manage which IP addresses can access this profile. To add multiple IP addresses, separate them using commas, or define a range ( When this field is set, only requests initiated from these addresses are allowed.

Configure new access profile settings Configure new access profile settings


Select Next.


Select Create access profile.

Confirm creating an access profile Confirm creating an access profile


Copy the auth token and save it in a secure place. This is the only time you can view the token. If you lose the token, you must create a new one.

Example auth token Example auth token


Select Done. The new access profile is visible on the client's page.

Last updated: 5/25/2024, 12:46:29 AM