Getting Your Credentials
Introduction
To interact with the Noon Partner APIs, you need to authenticate your requests using a service account. A service account is a non-human identity used by an application or system to authenticate and interact with Noon's APIs on behalf of a seller or partner. This page will walk you through the steps to obtain your authentication credentials.
If you're an integrator, use this guide to get your own credentials. You'll need these to authenticate your API calls to Noon.
However, to access seller projects on behalf of sellers, use the OAuth flow instead. OAuth automatically creates service accounts in your project with access to seller projects - sellers should never manually share their credentials with you. After completing the OAuth flow, you can use the API User Service to programmatically create and manage credentials for the new service accounts.
Prerequisites
- You must have a Noon Partner account that you can use to access the Noon Partner platform. If you don't have an account yet, check Noon's Partner onboarding process to get started.
Credential Details & Limits
Before proceeding, here are some important details about the service account credentials:
- Session lifetime: 30 days
- Quota: Each partner can create 1 service account from the seller portal
- A service account can have maximum 5 keys - although we do not recommend having multiple active keys.
- You may deactivate a key if you suspect misuse (deactivation is immediate and subsequent logins for that key will fail).
Getting Authentication Credentials
- Go to the Access App OR Navigate to User access in the User & Access section
- Navigate to API Users from the left sidebar.
- Click "Add Service Account" to create a new service account.
- This will be needed to authentication with our APIs.
- Fill in the Display Name and Username.
- Optionally, whitelist IPs and set an expiry for the key.
- If whitelist IPs are not set, the key will be valid for all IPs.
- If an expiry is not set, the key will be valid forever.
- To grant the service account access to your project, select a suitable role that the service account will need. You can also grant multiple roles to a service account.
- After clicking "Add", a .json file will be downloaded to your machine and that file is used as mentioned in the Authenticating Your Requests guide.
Need to create or rotate credentials programmatically? Use the API User Service to manage service account credentials via API — without logging into the portal. The downloaded .json key file contains a channel_identifier, which the API User Service accepts in place of a user_code when identifying the target service account.