Setup a Customer API User & Client
This user can authenticate to Bedrijfsrooster Connect and serves as OAuth2 API Client.
Login to the regular Bedrijfsrooster app and create a new customer API User & Client for your Organization. This unique API User can be used to complete an OAuth2 authorization_code flow, and its client_id and client_secret can be used in the OAuth2 requests.
You need Owner permissions within the Bedrijfsrooster AppIf you are a developer working on an integration for your client or do not have Owner permissions on yout Bedrijfsrooster user account, ask your client or company management to create the API User and provide you the credentials.
About the API User & Client Credentials
Bedrijfsrooster uses two entities for API access.
- API User - Bedrijfsrooster scopes all API requests to the Organization of the API User, which gets its own unique email address and login secret. An Organization is the top entity and represents one of our customers. Organizations can have multiple User, Company and CompanyUser entities, amongst others.
- API Client - For each API User an API Client is created as well, which is OAuth2 compatible and has its own client_id and client_secret. This means that for each of our customers, a unique API User and API Client will be created. Unless if you, as a third party, are interesed in a wider scoped API Client, in which case we ask you to contact support.
Create new API User & Client
Follow the next steps to create a new API User and Client.
- Go to menu "Control > Integrations > Bedrijfsrooster Connect" and click "Create App".
- Provide a description like "Dashboard feed" or "Timeclock device" which should summarize what your app will be able to do.
- Click "Submit" to create the API User & Client and have the credentials displayed.
After creation you can open details and configuration inputs by selecting the API Client from the Bedrijfsrooster Connect dashboard.
Done! But remember, credential secrets will be shown only once...Be sure to securely store the API User secrets, so you can use it in a token request. If you forgot a secret, you need to regenerate all secrets and tokens for the User and Client.
Renew or Delete the API User Credentials
You can use the entries of the API User overview table on the Bedrijfsrooster Connect dashboard to open the API User details and choose to refresh the tokens or completely remove the credentials of the corresponding API User and API Client.
Editing credentials will block existing applicationsIt speaks for itself that refreshing or deleting API User credentials will block future requests made with those credentials on behalf of the corresponding user. This could cause unwanted security flags set to the parent Company by the Bedrijfsrooster systems and should therefor be handled with care.
Updated 10 months ago
You can use the API User credentials to authenticate to the IAM API. The next article describes the request and response format you can expect and how to handle them.