API & Identity Pages

Your Knowledge Base is moving on 3/25/24! Our new Help Center provides all the articles you know and love (plus so much more) in a one-stop shop. Ask your SPoC for details!

API & Identity Pages

The following pages are located in either the System Setup or Administration folders. Very few Users should have access to these pages. Those with access should use extreme caution when adding or editing records.

API Procedures

This page includes a record for each API procedure available in the REST API. These records should not be edited. Access to each API Procedure through the REST API can be controlled with a Security Role.

See Security Roles > API Procedures for more details.

API Clients

This page includes a record for each API client that is authorized to access the REST API. This includes their Client ID, Client Secret and the how long tokens generated by the REST API are valid.

A Client ID and Client Secret are necessary to access the api using the OAuth Client Credentials workflow and API Wrapper.

Note: It's Best Practice for a separate User to be assigned as the Client User for each API Client.

API Clients inherit their permissions from a User which is specified in the record. The permissions of this User determine what the client can access in the api.

Passwords may be manually entered, or for greater security, created randomly using a Password Generator or GUID Generator.

The dp_API_Clients table is not used directly by the Platform, so changes to an API client will force a refresh the metadata. The Authorization Server caches API Clients in memory for 2 minutes.

Identity Providers

This page includes a record for each OAuth provider that is authorized to authenticate on behalf of MinistryPlatform. This includes their Client ID, Client Secret and if it is public or not.

Knowledgebase
- MinistryPlatform
  - Advanced Users
    - System Administration