Authentication and Authorization

The Skillsoft Platform API is protected by Service Accounts. A service account is a dedicated entity in the platform used for authenticating API calls. It contains a bearer token that is used for authorization of Skillsoft Platform REST API requests.

A service account is similar in concept to a user account in these ways:

  • It lives within an organization.
  • It has a secret security credential attached to it.
Note: Please contact your Skillsoft Account Team for assistance with setting up a service account.

 

Your organization can have a number of service accounts. Each account can be granted permission to access only the required Skillsoft Platform APIs, and each has its own unique bearer token. Service accounts may be configured with an expiration date and can also be deactivated as needed.

As a best practice, each system you integrate with should use its' own service account. This way, if that system is removed from your learning ecosystem, you don’t have to worry about lingering access. Similarly, if you contract with a third-party to implement an integration, it's recommended to provide them with a temporary service account.