Managing API Authentication Credentials

This topic provides an overview of creating and managing API authentication credentials.

When you use the Brightcove APIs, your method calls will require access tokens unless you enable basic authentication in the Player Service Settings.

Creating client registrations

The API Authentication page is used to create new client registrations. When creating registrations, you can select the service and the roles that will be enabled with the registration.

To create a new client registration for your account:

  1. Open the Admin module.
  2. Click API Authentication. The API Authentication page opens, displaying your current client registrations.
  3. Click + Add application
  4. Enter a Name and Description for the client registration.
  5. Select one or more of your accounts for authorization.
  6. Select the API(s) and permission(s) to enable for this registration.
  7. ClickSave.
  8. A Client ID and Client Secret will be returned.

Managing client registrations

The API Authentication page can be used to view and manage client registrations. Click the ADMIN link in the Studio header and then click API Authentication. A list of your current registrations will display.

To view the registration details, click the on the name. From here, you can:

  • Modify the name
  • Copy the client ID
  • Add accounts for authorization
  • Select additional APIs to enable
  • Delete the credential

Click Save to save your changes.

Note that if a credential is created for multiple accounts, users will only see that credential if they have access to all of those accounts. For example, User 1 creates a credential for accounts A & B. User 2 logs in and only has access to account A. User 2 will not see the credential as they do not have access to account B.

Updating client registrations

Although you cannot retrieve the client secret for existing credentials, you can click on an existing credential name and then add or remove both permissions and accounts.

Deleting client registrations

To delete a client registration, click the delete icon() next to the registration or edit the registration and click Delete Registration. Deleting a registration permanently disables it and cannot be undone.

OAuth

Working with DFP

If you currently have multiple Live accounts set up as content sources in DFP, you have two options:

  1. You can create a unique Client ID and Client Secret for each Live account that’s set up as a content source in DFP. For example, if you have 10 Live accounts, you'd have 10 applications named DFP in your API Authentication settings in Live.
  2. You can create a single Client ID and Client Secret for all Live accounts that have been set up as content sources in DFP. For example, if you have 10 Live accounts, you'd have 1 application named DFP in your API Authentication settings in Live.

Regardless of whether you chose option #1 or #2, for each content source that you set up in DFP, you need to provide a unique Account ID. So, you are not reducing the number of content sources that are currently set up in DFP; you're just replacing the read token with the Client ID and Client Secret, which can either be the same across content sources or unique for each.

Option #1 takes more time up front. However, if the Client ID and Client Secret are the same across all content sources (as with option #2), it will be a burden to add a new content source because you will need to generate a new Client ID and Client Secret and update all of content sources in DFP. So, Brightcove recommends option #1.