Further secure your BigMarker access with a custom API application.
The BigMarker API is an incredibly powerful tool that allows you to have total control over your channels and content. However, in order to access the BigMarker API, all that is needed is your API Key, which act as your username and password all in one. To allow for the same level of access while also adding an additional level of security, we've added API Applications.
In your channel settings, toward the bottom of the page in the lefthand navigation menu, you'll see the API Applications setting. This is where you'll create different apps that will be interfacing with the BigMarker data on the channel.
With our default API, a key was associated to a single user. If that user has access to and has admin rights within multiple channels and webinars. The API Application limits this access to just one channel.
After clicking New Application, give your application a name and a callback URL. The callback URL will receive the access token and the refresh token that will grant access to the API.
Once you've input your information and clicked Save, you'll see your new Application listed on your Application management screen. On the far righthand side of the line item for your new application, find the three dots and select, Edit from the dropdown.
You'll see that your Application ID and Secret have been created, which need to be input and used on the client side to manage the new app. Once these are set up, BigMarker will then have to authorize the new Application when first connecting. During this process, a new screen will appear, confirming access to the new application. The new screen will alert you that authorization is required, and the App you've created wants to access your channel. This will allow your new application to create, manage and permanently delete webinars, series and registration data on the channel you are requesting access to. Select Allow.
You can think of this as a similar process to using an existing account, like your Google account or Facebook account, to sign into an app or site. instead of using the API to connect to BigMarker, You'll be signing into BigMarker, and then allowing access through this new application. This process is a more secure and seamless one, allowing more customizations throughout the process.
This action will respond with a code. The code will make a call with the parameters that were generated through the clients application ID & secret. Then, you'll get an access token. This is essentially what the API key will be. The access token will expire every 2 hours, providing an extra layer of security in case the token has leaked or been shared excessively. You are also provided with a refresh token will be used in separate API calls to make a new access token once the previous access token has expired.