Skip to content

Authentication

This page guides you through setting up an API Key, which is required to make requests to Marigold Engage API.

The Marigold Engage API authenticates your API requests using Application API keys. If you do not include your key when making an API request, or use one that is incorrect or outdated, the API will respond with an error.

Create your API-key

Prerequisite

To be able to access the Marigold Engage administration, you will need an Marigold Engage account. In case you dont have an account, reach out to your Marigold Engage contact

To use the Marigold Engage API, you need create an application (app), which will generate authentication and secret keys to interface with the API.

Go to the "Access Management" section

  1. Log in to Engage
  2. Go to Admin Config > Access Management > Service Accounts

Create a new service account to generate API authentication keys

To create a new service account, click on the New button at the top-right. The properties are then shown in a right sliding panel.

Enter the app Name, and choose Custom as type.

An authentication key and secret key are automatically generated and can be used within the API. When you re-open a created app, these are visible; as well as the expiry of the current keys, which can be adjusted.

One should also check the endpoints tab and configure the endpoints that should be accessible for this set of credentials.

Security - IP Filtering

If required, IP filtering can also be activated. This ensures that only requests from the given IP-adresses will be

taken into account. If a request is made to the API from a different IP-adress, the request will be blocked.

Restrict access - Organization limitation

Optionally, you can also filter the organizations having access to this app. As a result, API calls will only work for the organizations in the list. Toggle the option on and add the organizations. When the option is activated you need to select at least one organization.

Click Save to create the app and get started with the API key.

Warning

API keys should be kept confidential and only stored on your own servers. Your account’s API key can perform any API request using the Marigold Engage API without  restriction

Back to top