API Users
How to createAPI users and apply API tokens in Postman
Faith George avatar
Written by Faith George
Updated over a week ago

Skip to Topics in this Article


Introduction

API stands for Application Programming Interface and is a connection between computers or between computer programs.

In contrast to a UI (user interface), which connects a computer to a person, an API connects computers or pieces of software to each other.

WARNING: An API token allows access to domain code. APIs are not intended to be used directly by individuals (end users). Only a programmer or developer should use APIs, when they need to implement the Monsido API on in other applications or CMS systems, for example.

Always verify the user identity and role before sending out an API token to an individual.

Monsido supports API use. The API can be based on the customer location, and so we have 3 APIs:

To use the Monsido API, your application has to present user credentials (the token) in an authentication software program (such as postman). The API user account can only be used for API access. It is recommended to create a new user account specifically for this purpose and assign the API user scope to it via the free-text field.


Instructions

Note: This capability is not yet available to all customers, please contact support if you would like to implement API Users for your website.

This section gives instructions on how to add an API user account. Only users that are assigned Admin status within Monsido can access and create API users.

  1. Click Admin Settings (the gear icon) at the top of the Monsido landing page. The Admin Settings page opens.

    Note: The Settings button is only available to site admins.

    The location of the Settings button on the top right corner of the page.

    The Domain Settings page opens.

    The Domain Settings landing page.

  2. Click API Users from the menu on the left side of the page.

    The location of the API Users menu selection on the left side of the page

    The API Users page opens.

    The API Users landing page.

    The page is a chart of existing API users with their scope.

    • API URL: The URL where the user has access.

    • Description: A description of the access that is granted.

    • Scope: The scope of the user permissions. In most cases, Customer is sufficient.

    • Action: Click the drop-down arrow and select from the menu:

      • See API token: A pop-up window opens with the token.

        • Click Copy (papers icon) to copy the token to the clipboard.

      • Revoke token: Click to revoke the token. A pop-up. message informs, "Are you sure you want to revoke the token for API User xxxx
        Note A new token will be created in it's place". The token is replaced with a new token. Click OK to revoke the token, or Cancel to cancel the request.

      • Delete: Remove the user, including the token and scope. A pop-up message asks, "Are you sure you want to delete the API User xxxx". Click OK to delete the user, or Cancel to cancel the request.

  3. Click Add API User, on the upper right side of the page.

    The location of the Add API User button on the top right of the page.

    The API User page opens.

    The API User setup page.

    • User Type: Tick the box to select the user type. In most cases, Customer is sufficient. See below for the differences in API user types.

      Important! Only users that are assigned Admin status within Monsido can access and create API users. Other users must request the API token from an admin.

      For more information, see the User Guide chapter:

      • CMS: Receives the CMS user type via the API. CMS permissions are restricted to:

        • index/conceal domains

        • get domain

        • index domain pages

        • get/scan domain page

        CMS users must contact a site admin in order to receive the API token.

        For more information about how to set up a CMS for the Monsido scan, see the article in Monsido for Developers:

      • Customer: Receives the Customer permission via the API. Customer tokens cannot be used to edit the account, they can only be used to edit on the module level.

        Customer users must contact a site admin and request the API token.

      • Admin: Receives full permission via the API. Admins can GET, POST, DELETE, and PATCH on any circumstance.

    • Description: Free-text field, enter a description for this user. If needed, include an email address to specific users or agencies in order to verify API token requests.


How to use the API in Postman

This section gives instructions on how to use the API token in Postman.

  1. Locate the API token as per the instructions above.

  2. Copy the token as per the instructions above.

  3. Open Postman.

    1. Create a new Request.

    2. Select the Authorization tab.

    3. Type: Select Bearer Token.

    4. Paste the token into the field provided.


Additional Information

For more information, see the User Guide chapters:

For further assistance, contact the Monsido support team at support@monsido.com or via the Monsido chat and help features inside the application.

Image of the Dashboard with the Help Center buttons highlighted.

Contact us

Monsido, an Optimere brand:

San Diego, CA, USA

5880 Oberlin Dr,
San Diego, CA 92121, USA

Australia & New Zealand

Suite 2.04
80 Cooper St
Surry Hills, NSW 2010

Copenhagen, Denmark

Borupvang 3
2750 Ballerup, Denmark

London, UK

14 New Street
London, EC2M 4HE

Did this answer your question?