Step 1 - Console Sign In and Navigation to Identities API Config
Step 3 - Securely Store Your Credential
The Cirrus Identities API supports complex identity creation requests with safe and automatic rollback in the event that a component of a request cannot be fulfilled. This API grants access to manage any user data persisted by Cirrus identity, including:
Sign in to the Cirrus Console by clicking the “Cirrus Console” button from the Cirrus Identity website top navigation bar or directly from here. Find your organization from the list and use your home credentials to sign-in. Once signed in, select your organization from the list under “My Organizations” on the right side of the screen or from the menu bar on the top.
In the left navigation bar, select the “Cirrus API Access” menu item.
Depending on your subscription, you may see more than one API listed. Select the "Identities API" option.
The next screen will display a list of credentials that have been created for your organization. Click the “New Credential” button.
The form will ask for a brief description of the credential. This description will appear in the list after creation so that you and other users at your organization can identify the credential. If you are creating credentials for a specific purpose, such as testing or script creation, then it can be useful to include that information in the description for future identification. It will also ask you what permissions you would like the credential to have. There is a test and prod environment for Identities API and IDAdmin so you need to verify which environment you want the credential to have permission in as well.
Here is an example of what this screen could look like. If you have Attribute Collections or utilize our auto-generated attribute collection to create an identifier, you will also see those listed here as a permission to edit. If you are interested in learning about additional functionality, reach out to your sales representative at sales@cirrusidentity.com. Once you have determined the appropriate permissions for this user, click the “Create” button.
Once your credential has been created, you will see the details for the credential. Please store these values in a password manager or secret store designated by your organization's secret management standards. Once you have done this, click "OK".
That’s it, you can now use your credential to access the Identities API. How to utilize the Identities API is built into the API directly to help with efficiency. You can find the link to the interactive Identities API here and also in the console when creating a new credential.
After creation, you are no longer able to access the password for your credential. The username, description, and permissions of that credential are accessible in the list to identify active credentials and remove them. Click on the username in the menu to modify the permissions of that credential. If you lose the password for any reason, you will need to delete the credential and create a new one.
Access the Identities API here: https://api.cirrusidentity.com/identities/v1/docs. At the top of the document is the instructions for how to utilize each call for the API. Since this is an interactive documentation, if a new category or permission is created, only the credentials with “admin all” permissions will automatically have access to the new features. Others will need to be updated in the console with the new permissions.
Right before the categories begin in the top right corner there is an “Authorize”. Type in the credentials created in the console here before using the interactive API documentation.
Once authorized, open an API method such as the first one, /list/{environment} by clicking on it. Once expanded, click “Try it out” button.
Adjust options for your chosen method and click “Execute”. The credentials will all have the same options presented but if their credentials do not allow a certain action, the method will return a “Not Authorized” error message in response.
Important Note - At this time, customers cannot create their own Attribute Collection Authorities. If an organization needs to add an Attribute Collection Authority to their environment, submit a support request via the Support Portal or email support@cirrusidentity.com.