Changing Access to Axon's Partner APIs
Mar 11, 2021
In a world of software and services, Axon products and solutions address critical agency needs. Delivering a comprehensive end-to-end experience often relies upon the integration of Axon products with other systems and applications. Up until now, access to Axon Evidence APIs required customers to upgrade to a Premium license, complete an NDA, and request that their Evidence instance be enabled for API access. In listening to our customers and our partners, we have been working on a new approach.
On March 23, Axon will be changing our policies to help customers unlock increased value from their Axon investments by enabling platform integration capabilities for all of our customers.
First, Axon will be updating the default setting to enable all agencies to utilize Axon Evidence APIs, irrespective of their license tier. Evidence.com admins will now see a setting on the Security Settings section of their Admin page which they can use to create and manage their application client keys (as indicated by the arrow in the image below).
Second, additional formal agreements are no longer required to access this functionality and create or manage API client keys. This scenario applies to any agency integrating client applications and services from a third party, that does not need any coding or integration scripting of their own.
Third, for agencies that require the ability to actively code against Axon APIs, Axon has deployed a new formal Terms of Service (ToS) agreement that may be accessed and executed from within the MyAxon.com portal, as part of the Axon Developer Community forum. You can learn more about the Axon Developer Community and how to enroll at our blog.
We believe that these three changes will help expand Axon customer capabilities while reducing overhead, and lead to a richer ecosystem of solutions that can benefit a greater number of Axon customers.
Q: Does this weaken my site security?
A: Enabling admin navigation to a page for the creation and management of Client API access keys does not create a security liability for your Evidence.com instance. If no keys are created then the site essentially remains unchanged. As is always the case, when creating keys Axon strongly advises following a few best practices:
- Only integrate secure and trusted software with your Axon Evidence instance.
- When creating keys, restrict permissions to the minimal set of permissions required by the integrating software to achieve your purpose and avoid adding extra permissions that might be “nice-to-have” or “just in case”.
- Store the Client API access key in a secure location and do not share any of the details.
- Generate unique Client API access keys for every software integration.
- Delete Client API access keys as soon as the underlying integration is no longer required.
Q: Will these changes affect my Basic license?
A: No. If you were previously a Premium license customer you will be unaffected. If you were previously a Basic license customer, you will remain a Basic license customer.
Q: I previously signed the NDA. Do I need to sign the new ToS agreement?
A: Yes. The new ToS agreement provides superior protections to any agency that employs contractors or third parties to perform integrations or make use of Axon APIs.
Q: Do I need to join the Axon Developer Community forum and sign the ToS if my agency is only deploying applications and services from others but not developing any of our own?
A: No, you do not need to as long as your agency actions are limited to creating Client API access keys to integrate the offering with your instance of Evidence.com.
Q: What if I want to see the ToS and am willing to sign it but don’t want to join the Axon Developer Community forum on MyAxon.com?
A: For special requests, you can always engage your Customer Success Manager and request their assistance.