Client Credentials

Introduction to Client Credentials in Nacelle

Client credentials are a crucial part of securing your application within the Nacelle ecosystem. This guide will walk you through the process of setting up client credentials, which you'll use to obtain private access tokens for secure interactions with the Storefront API.

Why You Need Client Credentials?

  1. Security: Client credentials help ensure that only authorized applications and servers can access your data.
  2. Identification: They help Nacelle identify which application is making a request, aiding in rate limiting, monitoring, and auditing.
  3. Scoped Access: Using credentials, you can define what level of access an application has, limiting the potential damage from accidental misuse or malicious actions.

Setting Up Client Credentials in Nacelle

Setting up client credentials is a one-time activity per space in Nacelle. Follow the example below to set up new space credentials:

Creating New Space Credentials

Here's how to create new space credentials using a cURL command:

curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer LOGIN_TOKEN" \
  -H "X-Nacelle-Space-ID: SPACE_ID" \
  -d '{"name":"CLIENT_NAME","description":"CLIENT_DESCRIPTION"}'

NOTE: "LOGIN_TOKEN" can be obtained after logging into the nacelle dashboard from the browser console (F12) network tab.

NOTE: Be sure to replace "SPACE_ID", "CLIENT_NAME", and "CLIENT_DESCRIPTION" with your specific values.

Parameters Explained:

  • SPACE_ID: The unique identifier for your Nacelle space.
  • CLIENT_NAME: A name to identify the client application.
  • CLIENT_DESCRIPTION: A brief description that indicates the purpose of the client.

Next Steps

After successfully setting up your client credentials, you can use them to obtain a private access tokens, which will enable your application to make secure API requests.