How do I Submit a Special Request for an API Key?
In order to establish a new API Key for the TFNRegistry API, Somos requires a Special Request* to be submitted by the Resp Org. When the Special Request is displayed, please enter the following information in the “Request Description” field for an API Key request and then select the “Submit” button:
- A statement that a user(s) would like the ability to manage their API Key in the TFNRegistry UI.
- Login ID: [(Provide the Login ID or Login IDs** that will be using the API Key.)]
- Environment(s): [(Production and/or Sandbox)]
* Please Note: Access to the Special Request is permission based. If you do not have access to this request, please contact your Primary Contact and/or Company Administrator(s) for assistance. The Special Request can be located by selecting the “Special Request” in the “Submit Requests” section of the Somos Portal Website (portal.somos.com).
** Please Note: If you are requesting the ability to manage an API Key(s) for more than one Login ID, you may do so in the same Special Request. Please attach a list of the Login IDs, environment(s) and notate as such in the Special Request's description. As an alternative, consider that one API Key per Resp Org is typically sufficient to perform the required operations and all the tokens generated with that API Key will have the same permissions as the Login ID for which the API Key was requested.
How do I Set Up MFA After My API Key Has Been Enabled by the Help Desk?
As of June 5, 2022, if you have an API Key enabled on your Login ID (i.e. you do not login with your Login ID and password) for the TFNRegistry API are required to set up MFA. This includes new and established API Key users. By establishing MFA, it provides a second layer of security as well as it allows you to manage the API Key on the User Control (URC) page in the TFNRegistry UI. To set up MFA for the first time, you will need to login with their Login ID and password and navigate to the URC page.
Please Note: Available authenticators include, but are not limited to: Google Authenticator, Microsoft Authenticator, OneLogin, Authy, and LastPass. Google Authenticator installed on an Android device is chosen as the third-party application to document the MFA set up process. For more information on how to get started with the MFA set up in the TFNRegistry, please click here, or click here to access the MFA Quick Start Guide.
After you have been granted API Key permissions, you will log into the TFNRegistry, navigate to the URC page, set up MFA, and then have the ability to generate an API Key from the URC page. Once the API Key and Access Secret have been generated, please follow these steps:
- Take note of the API Key and Access Secret. If you navigate away from the URC page, the Access Secret will no longer be retrievable.
- By using the “/token” API, you can request for the OAUTH token, which can be used in the subsequent API calls.
- URL: POST - {{url}}/token
- Body: grant_type:client_credentials
- Headers: Content-Type: application/x-www-form-urlencoded
- Authorization: Basic (base64 encoded value of client_id:client_secret)
- You can request for “N” number of OAUTH tokens, unlike the normal session open where you can request for the SessionOverride key.
Please Note: You must enter the client_id and client_secret key information that has been received from the /clientcredentials API for client_credentials grant type.