Update access profile

Update an access profile belonging to an API client.

To use this endpoint, the account must contain at least one API collection to assign to the access profile.

DEPRECATION NOTICE

This endpoint is planned for deprecation on December 1, 2025. Transition to the Update an API key endpoint before this date to ensure uninterrupted service.

The response returned depends on the auth type chosen:

Auth token: returns the auth token in the secret response.
JWT token: has two signing methods: HMAC and RSA. Depending on the method you choose, the respective secret or public is required in the payload.
OAuth 2.0: returns the client ID and secret in oauth_client_id and oauth_client secret.

Path parameters

api_access_profile_idintegerRequired

API access profile ID.

Request

This endpoint expects an object.

namestringOptional

Name of the access profile.

api_collection_idslist of integersOptional

IDs of collections to add to the access profile.

auth_typestringOptional

Authentication method to validate requests. Available types are: token, jwt, oauth2, and oidc.

jwt_methodstringOptional

The JWT signing method. If the auth_type is jwt, this field is required. Available methods are hmac and rsa for HMAC and RSA respectively.

jwt_secretstringOptional

Based on the method, specify the HMAC shared secret or the RSA public key.

oidc_issuerstringOptional

Discovery URL of identity provider or OIDC service. Provide only one of this or oidc_jwks_uri, not both. Only applicable if auth_type is jwt or oidc.

oidc_jwks_uristringOptional

JWKS URL of identity provider or OIDC service. Provide only one of this or oidc_issuer, not both. Only applicable if auth_type is jwt or oidc.

access_profile_claimstringOptional

If you plan to use a custom claim to identify this access profile, provide the JWT claim key in this field. Only applicable if auth_type is jwt or oidc.

required_claimslist of stringsOptional

Provide a list of claims that you plan to enforce. Only applicable if auth_type is jwt or oidc.

allowed_issuerslist of stringsOptional

Provide a list of issuers (represented by the iss value in JWT claims) that you plan to allow. If the iss claim is enforced in required_claims, leave this field blank to accept any iss value. This parameter is only applicable when auth_type is set to jwt or oidc.

ip_allow_listlist of stringsOptional

List of IP addresses to be allowlisted.

Response

Success reply

idinteger

ID of the access profile.

namestring

Name of the access profile.

api_client_idinteger

ID of the API client to which this access profile belongs to.

api_collection_idslist of integers

IDs of the API collections that are accessible by this access profile.

activeboolean

Indicates whether the access profile is disabled or enabled.

auth_typestring

Authentication method used in the access profile. Options are: token, jwt, oauth2, and oidc.

jwt_methodstring

The JWT signing method. Available methods are hmac and rsa for HMAC and RSA respectively. Only applicable if the auth_type is jwt.

jwt_secretstring

Based on the method, specify the HMAC shared secret or the RSA public key.

oidc_issuerstring

Discovery URL of identity provider or OIDC service. Provide only one of this or oidc_jwks_uri, not both. Only applicable if auth_type is jwt or oidc.

oidc_jwks_uristring

JWKS URL of identity provider or OIDC service. Provide only one of this or oidc_issuer, not both. Only applicable if auth_type is jwt or oidc.

access_profile_claimstring

Provide the JWT claim key if you plan to use a custom claim to identify this access profile. Only applicable if auth_type is jwt or oidc.

required_claimslist of strings

Provide a list of claims that you plan to enforce. Only applicable if auth_type is jwt or oidc.

allowed_issuerslist of strings

ip_allow_listlist of doubles

List of IP addresses to be allowlisted.

created_atstring

Timestamp in ISO 8601 format.

updated_atstring

Timestamp in ISO 8601 format.

1	curl -X PUT https://www.workato.com/api/api_access_profiles/1 \
2	-H "Authorization: Bearer <token>" \
3	-H "Content-Type: application/json" \
4	-d '{}'

1	{
2	"id": 942738,
3	"name": "Sales API Profile",
4	"api_client_id": 933804,
5	"api_collection_ids": [
6	791245,
7	785457,
8	785404
9	],
10	"active": true,
11	"auth_type": "token",
12	"jwt_method": "null",
13	"jwt_secret": "null",
14	"oidc_issuer": "null",
15	"oidc_jwks_uri": "null",
16	"access_profile_claim": "null",
17	"required_claims": [
18	"null"
19	],
20	"allowed_issuers": [
21	"null"
22	],
23	"ip_allow_list": [
24	192.158138,
25	192.02146
26	],
27	"created_at": "2020-06-15T22:20:15.327-07:00",
28	"updated_at": "2020-07-31T03:44:22.435-07:00"
29	}

DEPRECATION NOTICE

Path parameters

Headers

Request

Response

Errors