[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-05 (世界標準時間)。"],[[["\u003cp\u003eThis content pertains to obtaining client credentials, also known as developer keys, for OAuth 2.0 authorization within Apigee and Apigee hybrid.\u003c/p\u003e\n"],["\u003cp\u003eClient apps must register with Apigee to receive a unique Key (public) and Secret (private) for identification during OAuth 2.0 flows.\u003c/p\u003e\n"],["\u003cp\u003eClient credentials, referred to as the client identifier and client secret in the IETF OAuth 2.0 specification, are synonymous with Apigee's Credential Key and Secret.\u003c/p\u003e\n"],["\u003cp\u003eYou can retrieve the client Key and Secret either through the Apigee UI or via Apigee APIs, using \u003ccode\u003ecurl\u003c/code\u003e commands and OAuth 2.0 access tokens.\u003c/p\u003e\n"],["\u003cp\u003eUsing Apigee API calls, you can use the application ID to extract a detailed app profile, including the \u003ccode\u003econsumerKey\u003c/code\u003e and \u003ccode\u003econsumerSecret\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Obtaining client credentials\n\n*This page\napplies to **Apigee** and **Apigee hybrid**.*\n\n\n*View [Apigee Edge](https://docs.apigee.com/api-platform/get-started/what-apigee-edge) documentation.*\n\nThis topic discusses obtaining client credentials (also called developer keys) for use\nin the OAuth 2.0 authorization flow.\n\nWhat are client credentials?\n----------------------------\n\nTo participate in any OAuth 2.0 authorization flow, all client apps must be registered with Apigee (the\nauthorization server). When you register your app, you will be assigned two credentials: a Key and a Secret. The Key is a\npublic key and Secret must never be made public. These credential keys allow\nApigee to uniquely identify the client app.\n| **Note:** Terminology: The [IETF OAuth 2.0 specification](https://tools.ietf.org/html/draft-ietf-oauth-v2-31) refers to client credentials as the client identifier and client secret. The Apigee UI refers to them as the Credential Key and Secret. These terms are synonymous.\n\nGetting the key and secret from the Apigee UI\n---------------------------------------------\n\nSee [Viewing an API key and secret](/apigee/docs/api-platform/publish/creating-apps-surface-your-api#view-api-key).\n\nGetting the key and secret with Apigee APIs\n-------------------------------------------\n\nUse an API to get the list of apps in your organization: \n\n```\ncurl \"https://apigee.googleapis.com/v1/organizations/$ORG/apps\" \\\n -H \"Authorization: Bearer $TOKEN\"\n```\n\nWhere `$TOKEN` is set to your OAuth 2.0 access token, as described in\n[Obtaining an OAuth 2.0 access token](/apigee/docs/api-platform/get-started/api-get-started#oauth20). For information about the `curl` options used in this example, see\n[Using curl](/apigee/docs/api-platform/get-started/api-get-started#curl). For a description of environment variables you can use, see\n[Setting\nenvironment variables for Apigee API requests](/apigee/docs/api-platform/get-started/api-get-started#api-environment-variables).\n\nThis call returns a list of apps by **app ID**. \n\n```text\n[ \"da496fae-2a04-4a5c-b2d0-709278a6f9db\", \"50e3e831-175b-4a05-8fb6-05a54701af6e\" ]\n```\n\nTo retrieve an app's profile: \n\n```\ncurl \"https://apigee.googleapis.com/v1/organizations/$ORG/apps/$APP\" \\\n -H \"Authorization: Bearer $TOKEN\"\n```\n\nWhere `$TOKEN` is set to your OAuth 2.0 access token, as described in\n[Obtaining an OAuth 2.0 access token](/apigee/docs/api-platform/get-started/api-get-started#oauth20). For information about the `curl` options used in this example, see\n[Using curl](/apigee/docs/api-platform/get-started/api-get-started#curl). For a description of environment variables you can use, see\n[Setting\nenvironment variables for Apigee API requests](/apigee/docs/api-platform/get-started/api-get-started#api-environment-variables).\n\nFor example: \n\n```\n$ curl https://apigee.googleapis.com/v1/o/organizations/myorg/apps/da496fae-2a04-4a5c-b2d0-709278a6f9db \\\n -H \"Authorization: Bearer $TOKEN\"\n```\n\nThe API returns the profile of the app you specified. For example, an app profile\nfor **weatherapp** has the following JSON representation: \n\n```transact-sql\n{\n \"accessType\" : \"read\",\n \"apiProducts\" : [ ],\n \"appFamily\" : \"default\",\n \"appId\" : \"da496fae-2a04-4a5c-b2d0-70928a6f9db\",\n \"attributes\" : [ ],\n \"callbackUrl\" : \"http://weatherapp.com\",\n \"createdAt\" : 1380290158713,\n \"createdBy\" : \"noreply_admin@apigee.com\",\n \"credentials\" : [ {\n \"apiProducts\" : [ {\n \"apiproduct\" : \"PremiumWeatherAPI\",\n \"status\" : \"approved\"\n } ],\n \"attributes\" : [ ],\n \"consumerKey\" : \"bBGAQrXgivA9lKu7NMPyYpVKNhGar6K\",\n \"consumerSecret\" : \"hAr4Gn0gA9vyvI4\",\n \"expiresAt\" : -1,\n \"issuedAt\" : 1380290161417,\n \"scopes\" : [ ],\n \"status\" : \"approved\"\n } ],\n \"developerId\" : \"5w95xGkpnjzDBT4\",\n \"lastModifiedAt\" : 1380290158713,\n \"lastModifiedBy\" : \"noreply_admin@apigee.com\",\n \"name\" : \"weatherapp\",\n \"scopes\" : [ ],\n \"status\" : \"approved\"\n}\n```\n\nNote the values\nfor `consumerKey` and `consumerSecret`."]]
