What: The BlueConic API Access Connection regulates access to BlueConic for any external software application using the BlueConic REST API v1. The connection acts as the gatekeeper for information on the BlueConic side. Without its approval, an external software application will be denied access to any information from BlueConic.
About BlueConic: The BlueConic customer data platform harnesses the data required to power the recognition of an individual at each interaction, and then synchronizes their intent across the marketing ecosystem.
Why: You want to integrate some software application in your marketing stack with BlueConic. Your developers use the BlueConic REST API v1 to get information directly from or send information directly to BlueConic. To allow an external software application access, a BlueConic API Access connection should be created and activated.
Using OAuth 1.0 with BlueConic REST API v1
Access to the BlueConic REST API v1 is regulated using OAuth (version 1.0a with HMAC-SHA1 as signature algorithm, to be exact). The OAuth 1.0a algorithm requires a "Consumer Key" and "Consumer Secret", and the connection is used to define these for use in an external software application.
Notes about REST API version support
As of the July 2023 Q3 release of the BlueConic platform and the availability of BlueConic REST API v2, only existing BlueConic users already using the BlueConic API Access Connection can continue to use the connection with REST API v1 and can choose "Save as" in the connection's Save menu to create new instances.
If you have questions or need assistance, contact BlueConic Support.
Configuring the connection
Connections based on the "BlueConic API Access" type require little configuration to offer endless opportunities. Each connection has its own unique "Consumer Key" and "Consumer Secret" to access the BlueConic REST API v1. This key and secret combination can then be used in external software applications that want to use the unique features of BlueConic. We recommend that you use a separate connection per application so you can activate or deactivate access per application as well.
- Enter the key that will be used in the 0Auth communication between BlueConic and the external software application. The key should consist of regular characters and numbers. It is recommended to use a descriptive name that explains the use of the connection. Your developers need this key to make OAuth work on their end.
When you create a new BlueConic API Access Connection a link "Generate Secret" is shown. Click the link to generate a 32-character secret. Your developers need this secret to make OAuth work on their end. Beware that while the secret is fully shown initially, it will be hidden when you return to the connection later and only the last four characters are revealed. So copy this information while it still is visible!
You can always generate a new secret by clicking "Generate New Secret". However, beware that as soon as you save the change, all external software applications currently using the old secret are locked out! All external software applications using this connection will need to be updated with the new consumer secret in order to work again.
Limit IP access
- You can enhance security by only allowing access to external software applications hailing from a certain IP address range. Click Add IP Range to enter the from and to address of the IP range. To limit access to exactly one IP address, use the same from and to value. You can add multiple IP ranges if that is necessary.
Security note: Because the combination of the Consumer Key and Consumer Secret give full access to the BlueConic API, this information should not be shared with others and should be kept in a safe place. If a connection is not being used, it is best to deactivate it using the On/Off switch next to its name.