Phin Security

Access Your Phin Security API and Programmatic Data

The Phin API enables partners to programmatically access their data by first enabling the API in the Phin Portal, where they receive a one-time client_secret required for access, which must be securely stored and can only be rotated through the Partner Integrations page in the portal, with rotation invalidating previous secrets and necessitating updates to all services using the old secret.

The Phin API allows partners to access their data programmatically.

The API must be enabled through the Phin Portal. See the Quick Start to get started, or refer to the API Reference for specific information.

Handling Secrets (Security)

Where can I get my secret?

Your client_secret is needed to access the Phin API. You can only obtain your secret by enabling the Phin API in the Phin Portal.

You can only see this secret one time. You must take note and handle the client_secret. If you lose your client_secret you will need to rotate the client_secret in the Phin Portal and update any places where you use this secret.

How can I rotate my secret?

Your secret can only be rotated through the Phin Portal.

Make sure you are at the Partner level in the Phin Portal. Then, go to the Partner Integrations Page and click on “Phin API”. On this page, if you have enabled the Phin API, you will see a button to rotate the secret on the right panel at the bottom.

Rotating your secret will invalidate any existing secrets. Any services using the invalidated secret will need to be updated to use the new client_secret.