--- title: Using the global REST API client credentials description: View and update the global REST API Client ID and REST API Client Secret values. component: pingoneforenterprise page_id: pingoneforenterprise:pingone_sso_for_saas_apps:p14saas_use_rest_api_client_credentials canonical_url: https://docs.pingidentity.com/pingoneforenterprise/pingone_sso_for_saas_apps/p14saas_use_rest_api_client_credentials.html revdate: March 30, 2023 section_ids: about-this-task: About this task steps: Steps result: Result next-steps: Next steps --- # Using the global REST API client credentials View and update the global **REST API Client ID** and **REST API Client Secret** values. ## About this task As a Service Provider (SP), to integrate your cloud application with PingOne SSO for SaaS Apps, you must assign a **REST API Client Secret** value. This value with the associated **REST API Client ID** are the credentials required for basic HTTP authentication between your client and PingOne SSO for SaaS Apps, which creates a secure connection over which your application can receive user attributes. You can use the **REST API Client ID** and **REST API Client Secret** on the **Global Credentials** tab for all of your application connections and the Customer Connections API. For improved security, you should create separate credentials for each application. For more information on creating additional credentials, see [Creating or editing application-specific credentials](p14saas_application_credentials.html) and [Creating or editing additional Connection API credentials](p14saas_customer_connection_api_credentials.html). | | | | - | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | Include these credentials in the Basic authorization header as `REST_API_Client_ID:REST_API_Client_Secret `using Base64-encoding.When using cURL, the `--user` parameter is a wrapper for Basic authentication. | ## Steps 1. Go to **Account > Integration > Global Credentials**. | | | | - | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | If you have not set a global **REST API Client Secret**, this tab is being deprecated in favor of the new [application credential](p14saas_application_credentials.html) and [connection credential](p14saas_customer_connection_api_credentials.html) tabs.If you have set the global **REST API Client Secret**, you can disable it in favor of the more secure application and connection credentials. | 2. To change the global credentials, click **Edit**: 1. Enter a **REST API Client Secret** value. 2. Select or clear the **Enabled** checkbox. When disabled, these credentials are no longer valid for the [PingOne SSO for SaaS Apps Customer Connection API](p14saas_customer_connection_api.html) or [Token Exchange API](p14saas_process_p1_token_exchange.html). 1. Click **Save**. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------- | | | Your **REST API Client ID** value is assigned when you activate your PingOne SSO for SaaS Apps account. This value cannot be changed. | ## Result Any of your clients that use the PingOne SSO for SaaS Apps Customer Connection API will use these credentials. ## Next steps Next, [Redirect users to PingOne SSO for SaaS Apps (SP-initiated SSO)](p14saas_redirect_users_sp_initiated_sso.html).