API Client

Access the Suger API via the API Client Auth


Overview

To access the Suger API for integration purposes, it requires an API Client for authentication.

  1. Each organization is only allowed to have single API Client. If your organization already has one and would like to create a new one, the old one has to be deleted first.

Create API Client

  1. Visit the settings page of your organization. Find the API Clients section as shown below.
  2. Click the button CREATE API CLIENT. Please store the Client Secret carefully in a safe place, since it only shows once.

Get API Client Access Token

  1. Send a POST request to https://api.suger.cloud/public/apiClient/accessToken following the API Auth Reference
curl -L -X POST 'https://api.suger.cloud/public/apiClient/accessToken' \-H 'Content-Type: application/json' \-d '{    "organizationID": "your-suger-organization-id",    "id": "your-API-client-id",     "secret": "your-API-client-secret"}'
  1. If succeed, you shall receive 200 OK response with payload like below. The default expiration time of token is 1 hour.
{  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6I...",  "expires_in": 3600,  "token_type": "Bearer"}

Rotate API Client Secret

Suger doesn't save your Client Secret. If you forget or lose it, the API client has to be rotated wit a new secret. Click the rotate secret icon to do it. Once the Client Secret is rotated, the old one will be invalid immediately.

Delete API Client

Click the delete icon to delete the API client. Then you are available to create a new one.