Separate credentials authorization type

The separate credentials authorization type uses distinct OAuth 2.0 client keys and secrets to secure outbound distribution event notifications and inbound API requests for your product integration. We recommend that you create products using this model, and that you migrate existing products to this model.

📝 Note Previously, it was possible to use shared credentials but that option is no longer available. Shared credentials use the client (consumer) key and secret to verify signed event notifications that are sent to configured endpoints, and to sign incoming API requests for product integration (for example, to retrieve details of an event). Credentials that you created with the shared credentials type continue to work. However, for enhanced security, we recommend that you migrate existing products that use shared credentials to the separate credentials type. If you do this, you cannot revert back to shared credentials after you save your changes.

The following sections describe the separate credentials authorization type in more detail:

Validate outbound event notifications

Authorize inbound API requests