For one Marketo account client Id and client secret same or different from user to user in that account

Anonymous
Not applicable

For one Marketo account client Id and client secret same or different from user to user in that account

Hi Team ,

For One Marketo account clientId and clientsecret is same or different from user to user in that acount .

Means If I am generating acesstoken  using clientId and clientsecret and Identity url , then that acesstoken is only valid for that user1 . But If  user2 of same account wants to generate acesstoken then he should provide his clientId and clientSecret or he can use that same acesstoken  of user1 of same account .

Thanks

Anil Kumar Nayak

9 REPLIES 9
SanfordWhiteman
Level 10 - Community Moderator

Re: For one Marketo account client Id and client secret same or different from user to user in that account

REST API service users should be allocated per app. The concept behind having different users is that counts can be totaled per user, and perhaps most important, one user can be removed without affecting other apps.

Anonymous
Not applicable

Re: For one Marketo account client Id and client secret same or different from user to user in that account

Hi Sanford ,

Thanks for your response , can you please explain more description about it .

Thanks

Anil Kumar Nayak

SanfordWhiteman
Level 10 - Community Moderator

Re: For one Marketo account client Id and client secret same or different from user to user in that account

What's not clear?

All your connected apps should have their own REST API users (and therefore their own client credentials, and their own access tokens).

These are basic rules of security: isolate users, permissions, and sessions, so that authentication/authorization/accounting can be individually controlled. No user's actions should have side effects on other users (there may be shared counters, like total API calls per day, which make complete isolation impossible, but you strive for the closest you can get to complete isolation).

Anonymous
Not applicable

Re: For one Marketo account client Id and client secret same or different from user to user in that account

Hi Sanford,

My question is I have a Marketo account  , in this account I have 5 users and each user have different acesstokens , so when I will try to connect to Marketo from built.io or warketo , then each time I have to provide identity url,clientid,clientSecret  for making connection for all users of same marketo account. Is this correct process .

Thanks

Anil kumar Nayak

SanfordWhiteman
Level 10 - Community Moderator

Re: For one Marketo account client Id and client secret same or different from user to user in that account

Regular users never have access tokens. 

Only API-only users have access tokens.

You should have one API-only user for every connected app.

Anonymous
Not applicable

Re: For one Marketo account client Id and client secret same or different from user to user in that account

Hi Sanford ,

Thanks , you given me  great point , really I am confused about this , so u mean to say for one marketo account we should create one API-only user , which will give accesstoken by providing clientId and clientsecret . But If I will create multiple API-only user is there any problem while acessing REST API  , If then give me proper instructions about that .

Thanks

Anil Kumar Nayak

SanfordWhiteman
Level 10 - Community Moderator

Re: For one Marketo account client Id and client secret same or different from user to user in that account

One Marketo instance should have, ideally, as many API-only users as it has connected apps. An app is a distinct development project.

Projects hosted on different servers are almost always different apps by this definition.  For example, an app that downloads daily activities and an app on another box that uploads list imports are different apps.

Multiple connections from the same piece of software running on the same server are probably not multiple apps. For example, if you have a PHP server making multiple upload connections to Marketo each day, that's one app, even with different connections and maybe different threads.

Two distinct apps using the REST API: two API-only users.

Three apps using REST: three API-only users.

I don't know what kind of problem you are expecting, but the problems happen when you don't have multiple users. You have to be able to police resource utilization by each user. If a process turns out to be using runaway API calls, you must be able to cut off that process instead of cutting off all your processes.

Even better is if you use different API users and pass all your calls through an API gateway, so you can place a max # of calls per user and more closely track usage trends. You probably are not technically ready for this, but it is the most enterprise-level approach.

I hope this is clear now as I don't know any other ways to rephrase it.

Anonymous
Not applicable

Re: For one Marketo account client Id and client secret same or different from user to user in that account

Hi Sanford ,

Actually my problem is , we are making a marketo integration with built.io express, while making marketo connection they are asking identityurl,clientId and client secret . So I am user of one marketo account , so I give those details to generate acesstoken , but when another user came from same marketo account ,how that user know he has already a marketo connection for this account , means my question is again that user has to go for new marketo connection or he can use existing marketo connection , if he will use existing connection , how he knows that connection is his marketo account connection , becoz for every marketo account identity url,clientId and client secret is different  . so here we are not agree to provide everytime clientId, clientSecret and Identity url for every user to make a marketo connection with built.io .

Thanks

Anil Kumar Nayak

Dan_Stevens_
Level 10 - Champion Alumni

Re: For one Marketo account client Id and client secret same or different from user to user in that account

This has nothing to do with your user account in Marketo.  You must setup a distinct "API-only" account for each service that will be connecting to your environment.  For example, today, we have two services that are accessing data via the API.  One of those services is our Brightcove video platform.  First we created an API-only account for them in Marketo:

pastedImage_0.png

And then we use that account to setup the service (Admin > Launchpoint):

pastedImage_2.png

pastedImage_1.png