Guides
Getting startedVisit een.comMy Application/Login
Start typing to search…

Client Credentials

Introduction

Client Credentials are what your Application uses to prove its identity to the Eagle Eye Networks Cloud and authenticate when calling the Video API Platform. Every set of credentials is always tied to a specific Application, which makes Applications the natural boundary for managing access, permissions, and lifecycle controls like rotation or revocation.

This section covers how Client Credentials work, when to create multiple credential sets for the same Application (for example, separating environments or services), and how permissions and authentication flows—such as machine-to-machine access—are applied. You’ll also find practical guidance on storing credentials securely, rotating them without downtime, and troubleshooting the most common authentication issues.

🚧

End Users Should Never See Your Client Credentials

Client Credentials are how the Eagle Eye Video API Platform identifies the specific application that is accessing an end user account. End users should never have to create or enter Client Credentials as part of any integration process. The application developer should be the only entity with access to such credentials.

Creating Client Credentials

Client Credentials can be created and managed from the developer portal’s My Application page. After logging in to your developer dashboard, navigate to the List applications page to see all your existing applications.

From the Application List, find the application you want to create Client Credentials for, and click the See Client Credentials button next to the application name.

See Client Credentials

Once you reach the Client Credentials page, click the Add Credentials button on the top right to open the Client Credential Creation form. Fill out the required fields, including the credential name and redirect URLs.

📘

Redirect URLs

Redirect URLs are the locations where the Eagle Eye Networks authorization server will send the user after they have approved your application to access their resources. You must specify at least one redirect URL when creating Client Credentials.


sequenceDiagram
  autonumber
  participant U as User
  participant B as Browser
  participant A as Client App
  participant AS as EEN Authorization Server
  participant API as EEN API (Resource Server)

  A->>B: 1) Send user to /authorize\n(client_id, scope, response_type=code,\n redirect_uri=REDIRECT_URL, state)
  B->>AS: 2) GET /authorize ... redirect_uri=REDIRECT_URL
  U->>AS: 3) Login + consent (if prompted)

  rect rgb(255, 245, 200)
    AS-->>B: 4) 302 Redirect to REDIRECT_URL\n?code=AUTH_CODE&state=STATE
    Note over B,A: The browser lands on your REDIRECT_URL.\nYour app reads `code` (and verifies `state`).
  end

  A->>AS: 5) POST /token\n(grant_type=authorization_code,\n code=AUTH_CODE,\n redirect_uri=REDIRECT_URL,\n client_id, client_secret or PKCE)
  AS-->>A: 6) access_token (+ refresh_token, expires_in)
  A->>API: 7) API calls with Authorization: Bearer access_token
  API-->>A: 8) Protected resources

Managing Client Credentials

After creating Client Credentials, you can view and manage them from the Client Credentials page. Here, you can see all your Client Credentials, edit their details, and rotate or revoke them as needed.

To edit the details of a Client Credential, click the three-dot menu next to the credential name and select the Settings option. From here, you can update the credential name and redirect URLs.

Whitelist URLs

Updated 19 days ago