What: The BlueConic API Access Connection regulates access to BlueConic for any external software application using the BlueConic REST API. The connection acts as the gatekeeper for information on the BlueConic side. Without its approval, an external software application will be denied access to any information from BlueConic.
About BlueConic: The BlueConic customer data platform harnesses the data required to power the recognition of an individual at each interaction, and then synchronizes their intent across the marketing ecosystem.
Why: You want to integrate some software application in your marketing stack with BlueConic. Your developers use the BlueConic REST API to get information directly from or send information directly to BlueConic. To allow an external software application access, a BlueConic API Access connection should be created and activated.
Access to the BlueConic REST API is regulated using oAuth (version 1.0a with HMAC-SHA1 as signature algorithm, to be exact). The oAuth 1.0a algorithm requires a "Consumer Key" and "Consumer Secret", and the connection is used to define these for use in an external software application.
Configuring the connection
Connections based on the "BlueConic API Access" type require little configuration to offer endless opportunities. Each connection has its own unique "Consumer Key" and "Consumer Secret" to access the BlueConic REST API. This key and secret combination can then be used in external software applications that want to leverage on the unique features of BlueConic. We recommend to use a separate connection per application so you can activate or deactivate access per application as well.
- Consumer key
- Enter the key that will be used in the oAuth communication between BlueConic and the external software application. The key should consist of regular characters and numbers. It is recommended to use a descriptive name that explains the use of the connection. Your developers need this key to make oAuth work on their end.
- Consumer secret
When you create a new BlueConic API Access Connection a link "Generate Secret" is shown. Click the link to generate a 32 character secret. Your developers need this secret to make oAuth work on their end. Beware that while the secret is fully shown initially, it will be hidden when you return to the connection later and only the last four characters are revealed. So copy this information while it still is visible!
You can always generate a new secret by clicking "Generate New Secret". However, beware that as soon as you save the change, all external software applications currently using the old secret are locked out! All external software applications using this connection will need to be updated with the new consumer secret in order to work again.
- Limit IP access
- You can enhance security by only allowing access to external software applications hailing from a certain IP address range. Click Add IP Range to enter the from and to address of the IP range. Use the same from and to value to limit access to exactly one IP address. You can add multiple IP ranges if that is necessary.
Because the combination of the Consumer key and Consumer secret give full access to the BlueConic API, this information should not be shared with others and should be kept in a safe place. If a connection is not being used, it is best to deactivate it using the On/Off switch next to its name.