- What Type of Authentication does Filevine’s API Use?
- Can I Renew an Expired Client ID/Secret?
- What are the Requirements for the User Associated with a Personal Access Token?
- Could my IP Address or network settings be the reason I can't make API calls?
What Type of Authentication does Filevine’s API Use?
Currently, Filevine uses a combination of header/bearer/key and secret authentication. Read more about our current API credentials.
The current authentication method will be deprecated during 2025. Moving forward, the API with be authenticated using personal access tokens (PAT). Read more about PAT.
Can I Renew an Expired Client ID/Secret?
No. The client ID and secret are highly sensitive and should be treated like a password. Anyone using a client ID or secret for an existing integration should be prepared to update their code with a new client ID/secret upon expiration.
If you would like to generate a new secret before expiration, you can do so in the Account Manager, in Access Token > Client Secrets. Read Authenticate Requests to the API Gateway to more details.
What are the Requirements for the User Associated with a Personal Access Token?
Our recommendation is to use a Service Account, which can be found in the Service Accounts Advanced tool. (Click Main Menu > Advanced > Service Accounts.)
If you're creating your own integration using the Personal Access Token method, you can create a service account and select "Adhoc" in the dropdown. Use the following Support article that outlines how to use the Integrations and Service Accounts Advanced tools: https://support.filevine.com/hc/en-us/articles/30444924078747-Enable-a-Certified-Partner-Integration
Could my IP Address or network settings be the reason I can't make API calls?
Filevine no longer supports anonymous IP addresses. VPNs such as NordVPN, Express VPN, and SurfShark may use anonymous IP addresses. The Filevine cloud firewall flags these anonymous IPs as malicious access attempts to Filevine. In 2024, Filevine has taken more aggressive measures to flag anonymous IP addresses as a proactive security enhancement.
Many VPN products can offer a better experience to allow an individual to be identified as legitimate without affecting products like Filevine. We recommend using an established enterprise-grade VPN or using an anonymous VPN service that provides a static IP address. Please see your VPN provider’s documentation for more guidance on how to do this.
If your organization utilizes an anonymous VPN with a static IP address, please reach out to Filevine Support and provide the IP address so that our team can add the address to our authorized-IP list.
Note: As of December 2024, we are working on updating our firewall settings to permit anonymized IPs. This is expected Q1 of 2025.
Comments
0 comments
Article is closed for comments.