Clients and Settings API Overview

The Clients and Settings APIs are primarily used to manage your API clients (also known as "properties"). For example, these endpoints enable you to do such things as: 

  • Create new API clients
  • Delete existing API clients
  • Modify the settings and permissions assigned to your API clients at either the global scope or the local (individual client) scope

In addition, several of the endpoints in this collection can be used to return information about your entity types (user databases).

These new endpoints supersede the previous collection of Identity Cloud Clients and Settings APIs. The previous endpoints (now referred to as the "legacy" Clients and Settings APIs) remain valid, and the documentation for these endpoints can still be found here. However, we strongly recommend that, as time allows, you begin to migrate to the new Clients and Settings APIs detailed on this page. 

Why? Two reasons. For one, the new Clients and Settings APIs adhere to the RESTful API standards; that wasn't always true for the legacy APIs. For another, the new APIs are part of the Configuration API (CAPI). Eventually, CAPI will provide consistency across all the Identity Cloud APIs: regardless of the API or the endpoint, you'll use the same authentication method, employ the same request and response formats, see the same error messages, etc. Switching to the new Clients and Settings APIs now will give you a headstart when additional CAPI APIs are released in the future.


The Clients and Settings API supports basic HTTP authentication using owner credentials. To create the authorization code, combine your client ID and secret like this: clientId + ":" + secret. And then then base64 encode the result.

Authorization string

Used to send the authorization code.


Authorization: Basic aW1fYV...NfbXk=