API Client
Access the Suger API via the API Client Auth
Overview
To access the Suger API for integration purposes, it requires an API Client for authentication.
- Each organization can create up to FIVE API Clients.
- If your organization needs additional API Clients with specific justifications, please contact our support team at [email protected]. We are available to help you manually add extra API Clients to your organization
Create API Client With API Key
- 
Visit the settings page of your organization. Find the API Clientsection as shown below.
- 
Click the button CREATE API CLIENTand selectAPI_KEYas the Auth Type. Please store theAPI Keycarefully in a safe place, since it only shows once.
Use API Key to Access Suger API
- 
In order to access the suger API, you should include the API Keyin the HTTP request header under theAuthorizationfield, with the formatKey .... For example,curl -L -X GET 'https://api.suger.cloud/org/sugerOrgId/user' \
 -H 'Content-Type: application/json' \
 -H 'Authorization: Key 673d5b018d472f...'
Create API Client With Bearer Token
- Creating a new API client with bearer token is no longer supported. Instead, please create a new API client with API key.
- Existing API clients that use a bearer token can still be utilized to access the Suger API without any disruption.
- 
Visit the settings page of your organization. Find the API Clientsection as shown below.
- 
Click the button CREATE API CLIENTand selectBEARER_TOKENas the Auth Type. Please store theClient Secretcarefully in a safe place, since it only shows once.
Get / Refresh Bearer Token
- 
Send a POSTrequest tohttps://api.suger.cloud/public/apiClient/accessTokenfollowing the API Auth Referencecurl -L -X POST 'https://api.suger.cloud/public/apiClient/accessToken' \
 -H 'Content-Type: application/json' \
 -d '{
 "organizationID": "your-suger-organization-id",
 "id": "your-API-client-id",
 "secret": "your-API-client-secret"
 }'
- 
If succeed, you shall receive 200 OKresponse with payload like below. The default expiration time of token is1 hour.{
 "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6I...",
 "expires_in": 3600,
 "expires_on": "2023-05-15T04:41:58.670945Z",
 "token_type": "Bearer"
 }
Use Bearer Token to Access Suger API
- 
In order to access the suger API, you should include a bearer tokenin the HTTP request header under theAuthorizationfield, with the formatBearer .... For example,curl -L -X GET 'https://api.suger.cloud/org/sugerOrgId/user' \
 -H 'Content-Type: application/json' \
 -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6I...'
Rotate API Client Secret / API Key
Suger doesn't save your Client Secret or API Key. If you forget or lose it, the API client has to be rotated with a new secret or API Key. Click the rotate secret icon to do it. Once the Client Secret or API Key is rotated, the old one will be invalid immediately.
Delete API Client
Click the delete icon to delete the API client. Then you are available to create a new one.