Profile Switching
The Developer Portal shows all active profiles for your client in a profile selector dropdown. Switching profiles changes the auth headers and restrictions used for all endpoint testing and API calls in the current session.
How it works
When you're logged in to the Developer Portal:
- The profile selector dropdown is visible in the portal layout header.
- Each profile is listed with its auth type as a badge (e.g. TOKEN, JWT, OIDC, mTLS, NONE).
- Selecting a profile immediately updates:
X-Profile-ID— changes to the selected profile's IDAuthorizationheader — changes to the token/credential for the selected profile
- The auth headers panel on the collection detail page refreshes to show the new values.
- The testing console uses the selected profile for all subsequent requests.
Profile selector
The selector shows:
- Profile name (e.g.
production,sandbox,read-only) - Auth type badge (token type shown next to the name)
- Active / inactive state (inactive profiles are greyed out)
Select a profile to switch context. Your selection is saved and restored between sessions.
Typical profile modes
| Profile | Auth Type | When to use |
|---|---|---|
sandbox | Token | Early development and exploratory testing |
production | mTLS / OIDC | Live traffic validation |
read-only | Token | Testing GET-only access |
internal | None | Internal services on trusted network |
What changes when you switch
| Item | Behaviour |
|---|---|
X-Profile-ID header | Updates to the new profile's ID |
Authorization header | Updates to the new profile's token/credential |
| Testing console | All subsequent requests use the new auth context |
| Auth headers panel | Copy buttons now copy the new profile's header values |
| Rate limits | Apply per-profile — switching to a different profile resets the rate limit context |
| Allowed methods | The new profile's allowed_methods restriction applies |
| IP restrictions | The new profile's IP allowlist applies |
Practical guidance
- Always verify you're on the correct profile before sending test requests — a
403in production testing might just mean you're still on the sandbox profile. - After switching to a production profile, re-run your test request to confirm it succeeds under production auth.
- If the profile selector is empty, your client has no active profiles — contact your admin.
Related docs
- Auth Headers Panel — copy header values for the selected profile
- Testing Console — send live requests
- Profiles — how admins create and manage profiles