API Configuration: Enable the XML API and Configure Custom Fields

Management > API Configuration

API :: Configuration

Enable XML API

Choose to enable the Bomgar XML API, allowing you to run reports and issue commands such as starting or transferring sessions from external applications, as well as to automatically back up your software configuration.

Note: Only the Command, Reporting, and Client Scripting API calls are enabled/disabled by this setting. Other API calls are configured under Public Portals. See the API Programmer's Guide for more details.

Enable Archive API

Choose to enable the state archive API to download logs of the Bomgar Appliance's state and of events that occurred on a given date. For more details, see the API Programmer's Guide.

API :: Accounts

An API account stores all of the authentication and authorization settings for the API client. At least one API account is required to use the API, either in conjunction with the Integration Client, with a third-party app, or with your own in-house developed software.

Note: Prior to 16.2, a user account was used to authenticate to the API. This method has been deprecated, though for customers already using this method, it is still supported for backward compatibility.

Create New API Account, Edit, Delete

Create a new account, modify an existing account, or remove an existing account.

API :: Account :: Add or Edit


Create a unique name to help identify this account.


Add comments to help identify the purpose of this account.


If checked, this account is allowed to authenticate to the API. When an account is disabled, all OAuth tokens associated with the account are immediately disabled.


Select the areas of the API this account is allowed to use. For the Command API, choose to deny access, to allow read-only access, or to allow full access. Under Reporting API, set if this account has access to support session reports and recordings, presentation session reports and recordings, license usage reports, and/or archive reports. Also set if this account can use the Backup API, the Real-Time State API, and/or the Endpoint Credential Manager API.

Network Restrictions

List network address prefixes from which this account can authenticate.

Note: API accounts are not restricted by the network prefixes configured on /login > Management > Security. They are restricted only by the network prefixes configured for the API account.

Authentication Settings

The OAuth client ID and client secret are used to create OAuth tokens, necessary for authenticating to the API. For more information, see the API Guide.

OAuth Client ID

The OAuth client ID is a unique ID generated by the appliance. It cannot be modified. The client ID is considered public information and, therefore, can be shared without compromising the security of the integration.

OAuth Client Secret

The OAuth client secret is generated by the appliance using a cryptographically secure pseudo-random number generator.

Note: The client secret cannot be modified, but it can be regenerated on the Edit page. Regenerating a client secret and then saving the account immediately invalidates any OAuth tokens associated with the account. Any API calls using those tokens will be unable to access the API.

API :: Custom Fields

Create custom API fields to gather information about your customer, enabling you to more deeply integrate Bomgar with your existing programs. Custom fields must be used in combination with the Bomgar API. See the API Programmer's Guide for more details.

Create New Field, Edit, Delete

Create a new field, modify an existing field, or remove an existing field.

API :: Custom Fields :: Add or Edit

Display Name

Create a unique name to help identify this field. This name is displayed in the representative console as part of the session details.

Code Name

Set a code name for integration purposes. If you do not set a code name, one is created automatically.

Show in Representative Console

If you check Show in Representative Console, this field and its values will be visible wherever custom session details are displayed in the representative console.