Portal & API Access
This page covers how you authenticate and manage users on the 1NCE Platform 2.0. For the endpoint-level API changes, see Management API Migration.
Portal
With the 1NCE Platform 2.0, we have improved and simplified the user experience across several areas. You can find full details about the Customer Portal updates here.
API credentials
| 1NCE Platform 1.0 | 1NCE Platform 2.0 | |
|---|---|---|
| Where credentials live | Created as an "API User" in your user list | Account → Management API Access |
| Credential type | API user (username-based) | OAuth2 Client-ID + secret |
| How many | One user | Self-generate as many as you need |
On the 1NCE Platform 2.0, you generate your own API credentials under Account → Management API Access. Each credential is an OAuth2 Client-ID and secret pair. You no longer provide unnecessary user information (such as a phone number or name) just to create API access.
If you already have a user of type API, no action is required — it has been moved automatically to Account → Management API Access and keeps working with the v2 Management API.
The Owner role cannot use the API
The account Owner can authenticate and retrieve an API key, but the Owner role is not authorized as an API user — the key cannot actually be used to make API calls.
Do not build integrations against the Owner role. Generate a dedicated credential under Account → Management API Access and use that for API calls.
User roles
The third-party access role is removed. The 1NCE Platform 2.0 has four roles:
| Role | Use |
|---|---|
| Owner | Account owner (cannot use the API) |
| Admin | Full hands-on access |
| User | Hands-on access |
| Read Only | View-only access |
If you used the third-party access role, move those users to the role that best fits — User for hands-on access or Read Only for view-only.
API permissions and rate limits
- Per-key permissions: granular permissions per API key (RBAC) are not available at launch. They are planned for the future.
- Rate limits: unchanged. The default is 10 TPS, with customer-specific overrides available on request (for example, 100 TPS).
What to do
- Generate API credentials under Account → Management API Access (or rely on your auto-migrated API user).
- Repoint any integration that used the Owner role to a dedicated API credential.
- Migrate any third-party access users to Admin, User, or Read Only.
- Review Management API Migration for the v1 → v2 endpoint changes.
- Explore the endpoints in the API Explorer (v2).