Registered API Clients

Use separate clients for production, test and partner environments.

@forelse($clients as $client) @php $scopes = is_array($client->allowed_scopes) ? $client->allowed_scopes : preg_split('/[,\s]+/', (string)$client->allowed_scopes, -1, PREG_SPLIT_NO_EMPTY); $selectedDistricts = preg_split('/[,\s]+/', (string) $client->allowed_district_ids, -1, PREG_SPLIT_NO_EMPTY); $selectedDistrictNames = $districts->filter(function($district) use ($selectedDistricts) { return in_array((string) $district->id, array_map('strval', $selectedDistricts), true); })->pluck('name')->values()->all(); $outboundUrl = $client->outbound_base_url ? rtrim($client->outbound_base_url, '/').'/'.ltrim($client->outbound_push_endpoint ?: '', '/') : null; @endphp @empty @endforelse

Client	Client Key	Scopes	Zero Trust	Outbound URL	Status
{{ $client->name }} {{ $client->system_name ?: 'External system' }} {{ $client->integration_code ?: 'PARTNER_SYSTEM' }}	`{{ $client->client_key }}` Secret hashed and hidden.	@forelse($scopes as $scope){{ $scope }}@emptyNo scopes@endforelse @if(!empty($client->allowed_district_ids)) Districts: {{ !empty($selectedDistrictNames) ? implode(', ', $selectedDistrictNames) : $client->allowed_district_ids }} @endif @if(!empty($client->partner_id)) @php $clientPartner = $partners->firstWhere('id', $client->partner_id); @endphp Partner: {{ $clientPartner->name ?? ('ID '.$client->partner_id) }} @endif	HTTPS {{ $client->require_https ? 'On' : 'Off' }} Signed {{ $client->require_signed_requests ? 'On' : 'Off' }} Encryption {{ $client->require_payload_encryption ? 'On' : 'Off' }} Rate: {{ $client->rate_limit_per_minute ?: 60 }}/min \| Window: {{ $client->signature_window_seconds ?: 300 }}s	@if($client->outbound_enabled && $outboundUrl) Enabled {{ $outboundUrl }} @else Not configured @endif	{{ $client->is_active ? 'Active' : 'Inactive' }} {{ $client->last_used_at ? \Carbon\Carbon::parse($client->last_used_at)->format('d M Y H:i') : 'Never used' }}
Edit client configuration Scopes, IPs, data scope, rate limits and outbound URL only. @csrf @method('PUT') Client Name System Name Integration Code Allowed Scopes{{ old('allowed_scopes', $client->allowed_scopes) }}Example: reference_data.read,incident_statistics.read,ubos.push,data_scope.district Allowed IPs / CIDR{{ old('allowed_ips', $client->allowed_ips) }}Example: 41.210.143.163, 10.0.0.0/24 Allowed Districts @php $oldDistricts = old('allowed_district_ids', $selectedDistricts); @endphp Hold Ctrl to select multiple districts. Required when using `data_scope.district`. Partner Required when using `data_scope.partner`. Only one partner is allowed. Rate Limit / Minute Signature Window Seconds API Version is_active) ? 'checked' : '' }}> Active require_https) ? true : $client->require_https) ? 'checked' : '' }}> Require HTTPS require_signed_requests) ? 'checked' : '' }}> Require Signed Requests require_payload_encryption) ? 'checked' : '' }}> Require Payload Encryption Outbound Sharing Destination Outbound Base URL Push Endpoint Timeout outbound_enabled) ? 'checked' : '' }}> Enable outbound_verify_ssl) ? true : $client->outbound_verify_ssl) ? 'checked' : '' }}> Verify SSL Notes{{ old('outbound_notes', $client->outbound_notes) }}
No API clients registeredCreate the first authorised client using the panel on the right.

Create API Client

The generated secret is displayed once only.

@csrf

Client Name

System Name

Integration Code

Allowed ScopesUse the smallest required scopes. Example district scope: data_scope.district.

Allowed IPs / CIDR

Allowed Districts Hold Ctrl to select multiple districts. Required when using data_scope.district.

Partner Required when using data_scope.partner. Only one partner is allowed.

Rate Limit / Minute

Signature Window Seconds

Require signed requests

Require encrypted payloads

Outbound Sharing Destination

Enable outbound sharing

Outbound Base URL

Push Endpoint

API Version

Timeout Seconds

Verify SSL certificate