Creating and managing credentials

How to create and manage API credentials for your application

Create credentials

This page describes how you can use the Ocrolus Dashboard to manage your application's API credentials. To add a new set of credentials using the Ocrolus Dashboard, follow the steps below:

  1. Log in to the Ocrolus Dashboard.
  2. Click on the Account & Settings icon located at the top right corner of your screen and select API Credentials from the dropdown list. The API Credentials page appears.
    Login screen
  3. Click on the ADD OAUTH2 API CREDENTIALS button. The Add OAuth 2.0 Credentials modal will appear.
  1. The Client ID and Client Secret are auto-populated under the Credentials section. Enter the name for the credentials in the Description (My Application) field and click DOWNLOAD JSON to download the credentials to your local machine. You must download the provided credentials before saving them to your account. For security reasons, the client secret cannot be retrieved after you close this window.

    📘

    Conveniently storing credentials

    Password managers such as Bitwarden or LastPass are useful for storing API credentials (even for services unrelated to Ocrolus), but please be mindful of your organization's security policy.

  2. Click ADD CREDENTIALS.
  3. The credentials are added successfully and shown on the API Credentials page.

Manage credentials

In order to effectively manage the API credentials you have created for your application, it is essential to understand the various aspects involved. This section will provide detailed insights and step-by-step instructions on how to manage your API credentials.

Revoke and delete credentials

Effective API credential management includes the ability to revoke credentials when necessary. This section outlines the steps to revoke your API credentials and highlights the impact of revocation on your application's functionality. Revoked credentials are available on your Dashboard for auditing purposes, and you have the option to completely delete credentials by selecting the Remove this Credential option.

🚧

No turning back!

Revoked credentials cannot be reactivated, and deleted credentials can't be recovered. Make sure that you're ready before doing so.

To revoke the credentials, perform the following steps:

  1. Log in to the Ocrolus Dashboard.
  2. Click on the Account & Settings icon located at the top right corner of your screen and select API credentials from the dropdown list. The API Credentials page appears.
Login screen
  1. Click on the kebab menu and select the Revoke option from the list.
  2. On the REVOKE CREDENTIALS button to permanently revoke and delete the credentials.

Edit credentials

To distinguish between credentials that have similar names, you have the option to update the name of each credential. This allows you to provide a unique and identifiable label for each set of credentials, making it easier to differentiate and manage them effectively.

To edit the credentials, perform the following steps:

  1. Log in to the Ocrolus Dashboard and navigate to the Account & Settings icon > API credentials. The API Credentials page appears.
  2. Click on the kebab menu and select the Edit option from the list.
  3. Enter the updated name of your credentials in the Description (My Application) text box and click the UPDATE CREDENTIALS button.

Rotate credentials

To ensure the security of your system, it is recommended to periodically rotate your credentials. By rotating your credentials, you generate new access keys or tokens, rendering any previous credentials obsolete. This practice minimizes the risk of unauthorized access or potential security breaches. It is also advisable to rotate your credentials if you suspect they have been compromised or if there is any indication of unauthorized activity. Regularly updating your credentials adds an extra layer of protection to your application and safeguards sensitive data from potential threats.

To rotate the credentials, perform the following steps:

  1. Create a new credential as described in Creating credentials.
  2. Confirm that the credential is valid by requesting an access token with it. To know more about it, see using API credentials.
  3. Apply the new credential to the infrastructure as required.
  4. Revoke the old credential as described in Revoking and Deleting Credentials.