Create an OAuth 1.0 API key

API keys are security tokens that you use to access Conversational Cloud services. The API key gets installed automatically and assumes the security settings granted to the associated user in Conversational Cloud.

You use the API key when you create bots, access our APIs programmatically and authorize Conversational Cloud Applications. You can create up to 100 keys per account. The API key is issued on behalf of the site and not for the user (server to server) which means you don't need a bearer (no need to be logged in) when using an API key.

  1. Log into Conversational Cloud with Administrator or Campaign Manager permissions and along the top open the Campaign Builder area.

  2. In the footnote click Data Sources.

  3. Open the API tab and click Add new.

Alternatively, you can click on an existing key to edit its privileges rather than create a new one.

  1. Provide the name of the application and the developer name. Optionally you can provide a description of the app by clicking the Add description link below the Application name field.

  2. Select the relevant category for your API, check the relevant checkbox for selecting API permissions and then click Save.

    For bots logins, you will need to select the Agent Interactions category and check the User Login API permission

  1. Once the API key has been successfully created, the authentication details display for four AUTH request values, which you use in the request body of this API:

    • App key

    • Secret

    • Access token

    • Access token secret

  1. If the window does not close automatically, click the X in the top right to close the window.

    Currently, we do not support deleting an API key.

  2. Using the authentication details, generate an OAuth header according to the OAuth Specification Section 9.

The API key best practices correspond to general oAuth1 best practices. For example, usually, the API key is generated per application/implementation, to make sure that environments have their own unique key.

Example:

Header Name Authorization
Header Value OAuth
oauth_signature="JA0PvBbTAxmtLmzIWINpSVLshrY%3D",
oauth_version="1.0",
oauth_nonce="c1c04ec4-3125-44cf-9c39-cccb9343541b",
oauth_consumer_key="d392e7ff2e204d6c802e38fd775563d1",
oauth_signature_method="HMAC-SHA1",
oauth_token="61adad31204a4e6fab68d560f1ffb594",
oauth_timestamp="1261039670"

Note: The authorization should be contained on a single line. New lines have been inserted for clarity.