API and Identity Pages
The following pages are in either the System Setup or Administration folders. Very few Users should have access to these pages. Those with access should use extreme caution when they add or edit records.
API Procedures
This page includes a record for each API procedure available in the REST API. You should not edit these records. Use Security Roles to control access to each API Procedure through the REST API.
See
for more details.API Clients
This page includes a record for each API client authorized to access the REST API. This includes their Client ID, Client Secret, and the how long REST API-generated tokens are valid.
API Clients inherit their permissions from a User specified in the record. The permissions of this User determine what the client can access in the API.
Platform doesn't directly use the dp_API_Clients table, so API client changes force refresh the metadata. The Authorization Server caches API Clients in memory for two minutes.
Identity Providers
This page includes a record for each OAuth provider authorized to authenticate on behalf of MinistryPlatform. This includes their Client ID, Client Secret, and if it is public or not.