Application Registration Credentials Management

You can manage credentials for applications to access event brokers.

The API manages credentials for an application to securely access event brokers that act as event gateways.

The API needs to store and maintain credentials so they can be re-applied to a gateway event broker or applied to more event brokers if additional Access Requests are added to an Application Registration that provides access to additional event gateways.

The API stores the client username (clientId) and password (clientSecret) in a secure vault. Your integration can create multiple credentials per Application Registration. You can provide partial or complete credentials or rely on the API to auto-generate the credentials.

curl --location 'https://apim-devportal-api.solace-labs.io/api/v2/apim/appRegistrations/{registrationId}/credentials' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <<api-token>>' \
--data '{
  "name": "{credentialsName}"
}'
curl --location 'https://apim-devportal-api.solace-labs.io/api/v2/apim/appRegistrations/{registrationId}/credentials' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <<api-token>>' \
--data '{
        "name": "{credentialsName}",
        "secret": {
            "consumerKey": "{clientId}"
        }
}'
curl --location 'https://apim-devportal-api.solace-labs.io/api/v2/apim/appRegistrations/{registrationId}/credentials' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <<api-token>>' \
--data '{
        "name": "{credentialsName}",
        "secret": {
            "consumerKey": "{clientId}",
            "consumerSecret": "{clientSecret}"
        }
}'

If you prefer not to provide basic authentication, you can use OAuth or mutual SSL.

🚧

In the Early Access release, the phase credentials are NOT securely stored. Instead, secure storage is used.