Clients
A Client represents any application, service, or person that calls your APIs through Zerq. Create a client for each distinct consumer: a mobile app, a partner service, an internal microservice, or an AI agent.
Creating a Client
- Go to Clients in the sidebar
- Click New Client
- Fill in the details:
| Field | Description |
|---|---|
| Name | Identifying name (e.g., "Acme Corp App", "Internal Analytics Service") |
| Description | Optional notes about this client |
| Contact email for this client | |
| Collections | Which API collections this client can access |
| Policy | Rate limit policy to apply (optional) |
| Developer Portal access | Whether this client can sign in to the Developer Portal |
| Authorized emails | Email addresses allowed to sign in to the portal (if portal access is enabled) |
- Click Create
A default access Profile is automatically created for the client with token authentication.
Managing collection access
The most important setting is which collections the client can access. A client can only call endpoints within its assigned collections.
To update collection access:
- Open the client
- Click Edit
- Check/uncheck collections
- Save
Changes take effect immediately on the next request.
Client status
Toggle a client between active and inactive:
- Active: can make API calls
- Inactive: all requests are rejected with
403 Forbidden
Use inactive status to temporarily suspend a client without deleting it.
Developer Portal access
The Developer Portal uses a managed access model — there is no self-service registration. You must explicitly grant access for a client and list the authorized email addresses.
Enabling portal access
- Open the client and click Edit.
- Toggle Developer Portal access to On (
hasPortalAccess: true). - Note: This toggle is independent of the client's
activeflag. A client can be active for API access but still have portal access disabled. - Click Save.
Authorized emails
The Authorized emails list controls which email addresses can request a magic-link login for this client:
- Add the primary email (already set on the client) plus any additional emails.
- Each authorized email can independently request a magic link.
- Emails not on the list cannot sign in, even if they know the portal URL.
- Add or remove emails at any time — changes take effect immediately.
Example: a client representing "Acme Corp" might have:
[email protected]— primary contact[email protected]— developer[email protected]— developer
All three can sign in to the portal and see the same Acme Corp collections.
Once logged in, portal users see only the collections assigned to this client.
Viewing a client's profiles
Each client can have multiple Profiles — different authentication configurations. Open a client and navigate to Profiles to manage them.
→ See Profiles
Editing and deleting
- Edit: Update name, description, email, collection access, policy, or portal settings
- Delete: Permanently removes the client and all its profiles. All active API calls from this client will fail immediately.
Client ID
Every client has a system-generated Client ID (UUID). This is the value clients send in the X-Client-ID header with every request. The Client ID is visible in the client detail view.
Quota tracking
If a policy with a quota is attached, Zerq tracks the client's usage against the quota limit. You can see the current usage on the client detail page.
Related docs
- Profiles — auth configuration and credentials per client
- Policies — rate limits and quotas attached at client level
- Authentication Methods — supported auth types