Authenticate to Advanced Identity Cloud REST API

The Identity Cloud REST API has two different authentication methods, depending on what you are trying to achieve:

Use an API key and secret for read-only operations.
Examples: Advanced Identity Cloud monitoring and logging.
Use an access token for access management operations or identity management operations.
Examples: Setting up authentication journeys or policies; configuring user profiles, roles, or assignments.

Summary of authentication methods

The following table summarizes the REST API endpoints and their different authentication methods:

REST endpoints Authentication method

REST endpoints	Authentication method
`/monitoring/health` `/.well-known/*` (for `GET` requests)	Not applicable (publicly accessible endpoint)
`/monitoring` `/logs`	API key and secret. Learn more in Authenticate to Advanced Identity Cloud REST API with API key and secret.
`/am/` `/openidm/` `/.well-known/` `/environment/certificates`, `/environment/csrs` `/environment/content-security-policy/` `/environment/cookie-domains` `/environment/custom-domains` `/environment/promotion/*` `/environment/restart`, `/environment/secrets`, `/environment/variables` `/environment/sso-cookie`	Access token Learn more in Authenticate to Advanced Identity Cloud REST API with access token.

Not applicable (publicly accessible endpoint)

API key and secret.

Access token