Home

Download this help site
(PDF 82MB)

Download

Authorizing external applications

For an external application to access or update Wild Apricot account information – via Wild Apricot's API  – it must first be authorized within Wild Apricot.  During authorization, the application will be assigned a unique API key. If the application provides account access to individual users (via a mobile app, for example), the application can be assigned a client ID and a client secret as well. Applications can use the application API key or client credentials for authentication when accessing the API.

Authorizing an application

To authorize external applications to access your Wild Apricot account, follow these steps:

  1. Hover over the  Settings  menu and select the  Security  option. Within the Security settings screen, select the Authorized applications option.

    Icon

    To authorize an application, you must access your Wild Apricot account in secure mode – using https rather than http. If you select this option in insecure mode, you will be prompted to switch to secure mode.

  2. On the Authorized applications screen, click the Authorize application button.

  3. Choose from the following application types then click Continue:

    TypeDescription
    Server applicationA server-side application that requires data from your Wild Apricot account.
    User authorizationA client application that requires authorization of individual Wild Apricot users (e.g. a mobile app).
    WordPressA WordPress site you want to integrate with your Wild Apricot site. For more information, see Integrating with WordPress.
  4. On the Application details screen, the following options and information are available:

    FieldDescription
    Application nameThe name used to identify this application within the list of authorized applications.
    API keyThe API key for this application. You can use this value to authenticate the application when accessing Wild Apricot's API. If there is no API key displayed, click the Generate API key button. To delete an API key, click the red X beside the key.

    You can control whether the application has read-only access, full access, or just access to functions required by WordPress. If you choose the read-only option – and authenticate your application using the API key – then the application can only access functional areas (called scopes) that do not update data.
    Application credentials for user authorizationThe client ID and client secret for this application. You will need this value if the application requests authentication using Wild Apricot user credentials. If there is no Client secret value displayed, click the Generate client secret button. To delete the client secret, click the red X beside the value.
    Authorize users via Wild Apricot single sign-on serviceCheck this option if you want Wild Apricot users to sign into the application and their Wild Apricot account from a single sign-on screen. If you disable this option, the application can still access data in your Wild Apricot account, but users will not be logged in their Wild Apricot accounts within their browser.
    Organization nameIf you enable the single sign-on service, you can specify the organization name displayed at the top of the single sign-on screen.
    Introductory text If you enable the single sign-on service, you can specify the description that appears below the organization name on the single sign-on screen.
    Allow login via social networks If you enable the single sign-on service, you can allow users to log in using their Facebook or Google+ credentials . If you enable this option,  then  Log in with Facebook  and  Log in with Google+  buttons will appear on the single sign-on screen.
    Trusted redirect domainsFor WordPress integration, enter the full URL of your WordPress site (e.g. http://aaot.wordpress.com). For other single sign-on scenarios, enter the URL to which the user will be redirected after login.
  5. Once you have completed entering or copying the required information, click the Save button to save your changes.  The application should now appear within the list of authorized applications.

     

Deauthorizing an application

Once an application has been authorized, you can deauthorize it by clicking the Deauthorize button below the application within the authorized applications list.

On this page: 

See also:


  • No labels