Managing XM Cloud client credentials
If you want your application to access XM Cloud APIs, you must issue client credentials for your app.
XM Cloud uses the Client Credentials Flow to authenticate and authorize continuous integration (CI) and continuous deployment (CD) pipelines, custom tools, integrations, and other back-end services.
When you create credentials, the Deploy app creates a client ID and a client secret for your app. The client ID and client secret are essentially equivalent to a username and password.
You can use the credentials to request a JSON Web Token for your CM instance or request a JWT for Experience Edge XM.
From the Deploy app, you can create and manage the client credentials of your organization and its environments.
How it works:
-
Create credentials for your app.
-
Use the credentials (client ID + client secret) to authenticate your app with the Auth0 Authorization Server
https://auth.sitecorecloud.io/oauth/token
and receive an access token. -
When you call the XM Cloud API, pass the access token as a Bearer token in the Authorization header of your HTTP request.
You can create the following types of credentials:
Client credentials type |
Description |
Available APIs |
---|---|---|
Grants access to the XM Cloud Deploy API and the CM instance APIs of all environments in an organization. | ||
Grants access to the APIs of a specific environment. |
| |
Grants access to the Experience Edge APIs of a specific environment. |
You can also revoke a client.