Acquia Optimize

API users



This article gives instructions on how to create API users and apply API tokens in Postman.

Introduction

API stands for Application Programming Interface and is a connection between computers or between computer programs.

In contrast to a UI (user interface), which connects a computer to a person, an API connects computers or pieces of software to each other.

WARNING: An API token allows access to domain code. APIs are not intended to be used directly by individuals (end users). Only a programmer or developer should use APIs, when they need to implement the Acquia Optimize API on in other applications or CMS systems, for example.

Always verify the user identity and role before sending out an API token to an individual.

Acquia Optimize supports API use. The API can be based on the customer location, and so we have 3 APIs.

See the Acquia Optimize for Developers article for the most updated information about API user setup:

Acquia Optimize API.

To use the Acquia Optimize API, your application has to present user credentials (the token) in an authentication software program (such as postman). The API user account can only be used for API access. It is recommended to create a new user account specifically for this purpose and assign the API user scope to it via the free-text field.

The responsibility/troubleshooting for making API calls lies solely with the customer. Acquia Optimize cannot assist or troubleshoot beyond the topics in this article.

Prerequisites

 

 

Acquia Optimize is unable to support or troubleshoot API calls. This function is solely a customer responsibility.

An API token allows access to domain code. APIs are not intended to be used directly by individuals (end users). Only a programmer or developer should use APIs, when they need to implement the Acquia Optimize API on in other applications or CMS systems, for example.

See the Acquia Optimize for Developers article for the most updated information about API user setup:

Acquia Optimize API.

Instructions

 

 

This section gives instructions on how to add an API user account. Only users that are assigned Admin status can access and create API users.

  1. Click Admin Settings (the gear icon) on the top menu bar. The Admin Settings page opens.

    The Domain Settings page opens.

  2. Click API Users from the menu on the left side of the page.

    The API Users page opens.

    The page is a chart that shows your current API users with their scope.

    • API URL: The URL where the user has access.
    • Description: A description of the access that is granted.
    • Scope: The scope of the user permissions. In most cases, Customer is sufficient.
    • Action: Click the drop-down arrow and select from the menu:
      • See API token: A pop-up window opens with the token.
        • Click Copy (papers icon) to copy the token to the clipboard.
      • Revoke token: Click to revoke the token. A pop-up. message informs, "Are you sure you want to revoke the token for API User xxxx
        Note: A new token will be created. The existing token is replaced with a new token.
      • Click OK to revoke the token, or Cancel to cancel the request.
      • Delete: Remove the user, including the token and scope. A pop-up message asks, "Are you sure you want to delete the API User xxxx". Click OK to delete the user, or Cancel to cancel the request.
  3. Click Add API User, on the upper right side of the page.

    The API User page opens.

    • User Type: Tick the box to select the user type. In most cases, Customer is sufficient. See below for the differences in API user types.

       

       

      For more information, see the user guide article:

      Create and configure users.

      • CMS: Receives the CMS user type via the API. CMS permissions are restricted to:

        • index/conceal domains
        • get domain
        • index domain pages
        • get/scan domain page

        CMS users must contact a site admin in order to receive the API token.

        For more information about how to set up a CMS for the Acquia Optimize scan, see the article in Acquia Optimize for Developers:

        CMS Integration.

      • Customer: Receives the Customer permission via the API. Customer tokens cannot be used to edit the account, they can only be used to edit on the module level.

        Customer users must contact a site admin and request the API token.

      • Admin: Receives full permission via the API. Admins can GET, POST, DELETE, and PATCH on any circumstance.
    • Description: Free-text field, enter a description for this user. If needed, include an email address to specific users or agencies in order to verify API token requests.

Additional Resources

For more information, see the user guide articles:

 

 

Did not find what you were looking for?

If this content did not answer your questions, try searching or contacting our support team for further assistance.