To call APIs from a script or an external program, you must create an API client in the Citrix Cloud.
In the Citrix Cloud console, click the menu in the upper left corner of the screen.
Select the Identity and Access Management option from the menu.
Note: If this option does not appear, you may not have adequate permissions to create an API client. Contact your administrator to get the required permissions.
Select the API Access tab.
Important: Take a note of the customer ID in the description above the Create Client button. You will need it in the later steps.
- Name your Secure Client, and click Create Client.
Note: Deleting a client can impact your integration with Citrix Cloud.
- The following message appears, ID and Secret have been created successfully. Download or copy the Client Id and Secret.
Important: Citrix recommends that you use the Client Id and Secret to authenticate Citrix APIs. If you choose to authenticate using a bearer token,under Call an API section, see Call an API using the Citrix Cloud bearer token.
API client scope and permissions
API clients in Citrix Cloud are always tied to one administrator and one customer. The API clients that you create are not visible to other administrators in your organization. If you have access to more than one customer, you must create API client(s) within each customer. You can use these clients to call APIs for these customers.
API clients owned by a Citrix Cloud administrator are automatically restricted to the rights of that administrator, within that customer. For example, if an administrator is restricted to access only notifications, then the API clients also have similar restrictions.
If an administrator’s access is reduced at any point, then the access of all the API clients owned by that administrator is also reduced.
If an administrator’s access is removed from the list of administrators within that customer, then all the API clients within that customer are automatically deleted.
The Citrix Cloud API requires a customer ID when calling REST APIs, as part of the URL. The parameter sometimes must be the special value
or the specific customer that you are targeting.
To get the customer ID, go to the Identity and Access Management page and click API Access tab. You can see the customer ID in the description above the Create Client button.
You can call an API using either a Client ID and Secret or a Citrix Cloud bearer token.
Citrix recommends using a Client ID and Secret method to call an API.
Call an API using Client ID and Secret
Navigate to any Citrix Cloud service, under API Exploration click any API from the list and click Try this API button.
In the request Authorization header parameter description, click Generate here. The Set Authentication window appears.
Enter Client ID and Secret keys that were generated while creating an API client. Click Generate. A bearer token is generated using the Client ID and Secret.
Call an API using the Citrix Cloud bearer token
In the request Authorization header, use the 'token' property returned from the below authentication API.
|customer||path||Use the special value
Prefix the token with
Authorization: CwsAuth Bearer=ey1..
POST https://trust.citrixworkspacesapi.net/root/tokens/clients HTTP/1.1
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Fri, 23 Dec 2016 21:53:37 GMT