Permissions: Creating an API User
API users are only required when using REST Engaging Network Services (ENS)
To use our ENS REST API, you will need to create a new API user in Engaging Networks to generate the API key.
To do this, you first need to login with your subaccount login details.
Creating an API User
An API User is not a standard user, and they cannot log into the system. An API user can only access the system via REST.
Once logged in as the subaccount administrator go to the Hello menu at the top, and then to Account settings, and Users on the left.
To create a new API User, click on Add API User. You can also edit any existing API Users here. The user needs the following:
Field | Description |
Email address | This will be the user ID. Note: Although we require the user IDs you create to be in the form of email addresses, they do not necessarily need to be valid addresses, as we won’t send emails to them. However, if you want to be able to initiate a password reset without contacting a super admin, it will need to be valid. |
Display name | The full name of the user |
First name | User’s first name |
Last name | User’s last name |
Remote Address | This should be the local IP address(es) of the API user which will be whitelisted. Supporter CRUD operations are forced to comply with these addresses. For page processing, see the option “Page Processing should respect Remote Address” Note: You can designate multiple IP addresses by separating them with a ~ and no spaces. There is a maximum of 200 characters. Note: If you are receiving the error “Authentication call is being made from an unregistered source address for this ENS api key”, this is likely caused by the IP address making the request not matching this/these values. |
Page Processing should respect Remote Address | The REST services cover supporter CRUD operations and additionally offer page processing endpoints. By default, supporter CRUD operations are forced to comply with the IP Addresses listed under ‘Remote Address’. If you wish the page processing endpoint to also comply with the IP Addresses list, then check this option. |
Group | This will be the permission group the user belongs to. For Supporter Services calls, Create, Modify, and View permissions under ‘Manage individual supporters’ are required. For Page Components calls and the Get survey responses call, View permission under ‘Manage Page’ is required. |
Status | The current status of their User. Active, Pending, or Inactive are the available options.
|
Once you have filled in the required information click “Save User”.
This will create/save the user and create a unique API key for them to use. This token can now be used with REST ENS. If you wish to revoke a key at any time, you can click on the user name and then click the Revoke button shown below.
Note: REST API keys are sensitive information and should only be transmitted through secure channels.
Important Information About Revoking API Keys
It is important to remember that if you revoke your API key and it is in use by 3rd party or external applications, any connected applications that use the API key must also be updated with a new API key or they will fail
Updating an API User
You can safely update the email address, display name, first name and last name of an API user without affecting the validity of the assigned API key itself.