Generate Sigma API client credentials

To securely authenticate to the Sigma REST API, you must first generate client credentials. The client ID identifies the application or user making the request, and the client secret verifies that the application or user is authorized to use the Sigma REST API.

A developer can use the client credentials to generate a bearer token to authorize access to Sigma's API. If a request doesn't include a valid token, the API response returns an error.

The Sigma REST API also supports the use of OAuth override tokens in API calls. For more information, see Use OAuth override tokens.

API client credential security

API client credentials are associated with a specific organization member. When API requests are performed using a token generated with those credentials, the API response only returns data accessible to the authenticated user and permitted for their account type.

For security purposes, do not share API credentials for a user account with individuals that have fewer access permissions than those associated with the API credentials. For example, if you create API credentials with a user that has the Admin account type, do not share those credentials with users that have an account type with fewer permissions.

You can revoke credentials at any time. If you revoke credentials, update all applications and configurations that used the revoked credentials with new credentials.

User requirements

To generate API client credentials, you must be assigned the Admin account type.

Generate API client credentials

🚩

After you create the client credentials, you cannot view the client secret again in Sigma.

To generate API client credentials, do the following:

  1. From Sigma Home, open Administration, or click your user avatar to open the user menu and select Administration.

  2. In the side panel, select Developer Access.

    Screenshot of the Developer Access page in Sigma, showing an empty list of existing client credentials and a button to Create New.

  3. Click Create New to set up new credentials.
    The Create client credentials dialog opens.

  4. For Select privileges, select the checkbox for REST API to allow these credentials to be used for the API.

  5. For Name, enter a unique name to identify the credentials. For example, "Web app service account credentials".

  6. [optional] For Description, enter a description of purpose of the credentials. For example, "Inventory data entry web application API requests."

  7. For Owner, search for and select a member of your organization with whom to associate the credentials. The API secret uses the account type permissions assigned to this user.

  8. Click Create to generate the credentials.

    Screenshot of the Create client credentials dialog, with the REST API checkbox selected, a name of My API, a description of API client credentials, and an owner of Sigma Docs, who has the Admin account type assigned.

  9. Copy the client ID and secret and securely store them for future reference.

    🚩

    You cannot access the client secret after closing the dialog.

    REST API Access Credentials dialog, with a revoked Client ID and Client secret visible.