To be able to use the Bizzdesign open API, one or more named API clients must be created in Horizzon. Every API client has a unique identifier (the Client ID) and an associated secret key that can be used to request access tokens to authenticate with the API. Different types of permissions can be set per API client to determine the type of access to the data.

Required roles


Creating an API client

  1. On the Horizzon sidebar menu, click Clients.

  2. Click Create API client.

  3. Enter a Client ID and optionally a description of the client.

  4. Set the needed access rights for the API client:

    Admin permission: Switch on if the API client must be able to retrieve Horizzon events audit log information.
    Read permission: Select if the API client must be able to read data.
    Write permission: Select if the API client must be able to retrieve data (in addition to reading data).

    When assigning read or write permission, determine which model packages can be accessed by the API client, all packages or specific packages. In the case of specific packages, select the packages the client should have access to.

  5. Click Create to save the details.

When the API client is successfully created, a generated client secret is shown. This client secret is needed to connect your application to the Bizzdesign Open API. Save a copy of the client secret somewhere in a safe place. After that, click Done.

Once you leave the page, the client secret is gone.

API client access on model package page

If model package access has been set for an API client, the client will be shown as invited API client on the model package overview page, in the Invited API clients section. If the API client has access to all model packages, it will be indicated next to the client's name on the package page with "Invited to all packages".

The API client access can also be managed from the model package page. Existing API clients can be invited to the package, new API clients can be added, and the API client's access to the package can be revoked.