Managing XM Cloud client credentials

If you want your application to access XM Cloud APIs, you must issue client credentials for your app.

XM Cloud uses the Client Credentials Flow to authenticate and authorize continuous integration (CI) and continuous deployment (CD) pipelines, custom tools, integrations, and other back-end services.

When you create credentials, the Deploy app creates a client ID and a client secret for your app. The client ID and client secret are essentially equivalent to a username and password.

You can use the credentials to request a JSON Web Token for your CM instance or request a JWT for Experience Edge XM.

From the Deploy app, you can create and manage the client credentials of your organization and its environments.

How it works:

  1. Create credentials for your app.

  2. Use the credentials (client ID + client secret) to authenticate your app with the Auth0 Authorization Server and receive an access token.

  3. When you call the XM Cloud API, pass the access token as a Bearer token in the Authorization header of your HTTP request.

You can create the following types of credentials:

Client credentials type


Available APIs

Organization automation client

Grants access to the XM Cloud Deploy API and the CM instance APIs of all environments in an organization.

Environment automation client

Grants access to the CM instance APIs of a specific environment.

Edge administration client

Grants access to the Experience Edge APIs of a specific environment.

You can also revoke a client.

Do you have some feedback for us?

If you have suggestions for improving this article,