Registration Overview

Services APIs applications require an API "access token" in order to authenticate each individual API request. To generate such an access token (typically performed upon startup, or just prior to accessing the API), the application performs an OAuth2 client credentials grant flow. Registering an application with the Cisco API Developer Portal generates all the details needed to successfully complete the authentication sequence.

Regarding application registrations:

• API users can register multiple applications.

• A single application registration can be configured to access one or more of the individual Services APIs by requesting access to each and specifying the same application.

• Each registration represents the identity/role/access/permissions of the API user that created it, with regards to any customer data.

• Registering an application generates a set of credentials - the Client ID and Client Secret - which are submitted in the OAuth2 authentication request.

• These credentials are secrets unique to the registered application and must be carefully protected, just as a username/password would be. They do not expire, however they can be revoked/regenerated in the API Developer Portal by the API user if they are ever compromised (this will likely require re-populating the ID/secret into the runtime configuration of any apps using the old set of secrets.)