Overview

The Flow1st Console needs to be configured to generate the API credentials required for the integration.

Security Model

The Flow1st Integration uses the following security model:

An API Key and API Secret is randomly generated and used for authentication when generating an Access Token
All non-authentication based Flow1st API endpoints use
- An Access Token for authentication with a Flow1st API
- A Signature to verify that the incoming request was not tampered It is recommended that all tokens are generated on the partner backend system and passed through the client.

The following credentials can be generated on the Flow1st Admin Console

Credential Name	Description
API Key	Used together with the API Secret when integrating the Authentication - Generate Access Token
API Secret	Used together with the API Key when integrating the Authentication - Generate Access Token
Signing Key	This credential is used when signing API Requests