Authorization

Follow this guide to create a new Experian API credential that will allow Nexla to authenticate to and exchange data with your Experian account.

Experian API

Prerequisites

To connect Nexla to the Experian API, you must have an active Experian Developer Portal account with an application registered to obtain OAuth 2.0 credentials. Experian uses the OAuth 2.0 password grant type, which requires a username, password, Client ID, and Client Secret to obtain bearer access tokens for API calls.

Register for the Experian Developer Portal

Access to the Experian API is managed through the Experian Global Developer Portal at developer.experian.com.

1. Navigate to developer.experian.com/sso/register to create a new Developer Portal account.

2. Complete the registration form and verify your email address. Once your account is confirmed, you can sign in and begin creating applications.

Developer Portal credentials (username and password) are used both for signing in to the portal and for generating OAuth 2.0 access tokens via the API. Experian Developer Portal passwords expire 90 days after creation or last change — plan to rotate your password and update your Nexla credential accordingly.

Create an Application and Obtain Client Credentials

Each Experian API integration requires a registered application, which provides the Client ID and Client Secret used for authentication.

1. Sign in to the Experian Developer Portal at developer.experian.com.

2. Navigate to the My Apps section from the top navigation bar.

3. Click the Add New App button.

4. Enter a descriptive name for your application (for example, Nexla Integration) and select the Experian API products your integration requires.

5. Click Save (or the equivalent confirmation button) to create the application.

6. After the application is created, the portal displays a Client ID and Client Secret for the application. Copy both values and store them in a secure location.

Important

The Client Secret is displayed only once after application creation. Store it immediately in a secure location such as a password manager or secrets vault. If you lose the Client Secret, you will need to regenerate it in the Developer Portal, which will invalidate the previous secret for any existing integrations.

Determine the Token Endpoint

Experian provides separate sandbox and production environments with distinct token endpoints:

• Sandbox: https://sandbox-us-api.experian.com/oauth2/v1/token
• Production: https://us-api.experian.com/oauth2/v1/token

Use the sandbox endpoint for development and testing. Switch to the production endpoint when your integration is ready for live data.

Experian uses a regional API structure. The endpoints above are for the United States region. For other regions, refer to the Experian Global Developer Portal or your Experian account representative for the appropriate regional endpoint.

Create an Experian API Credential

• To create a new Experian API credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

   Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

OAuth 2.0 Authentication Configuration

Experian API authentication uses the OAuth 2.0 password grant type. Nexla uses your Developer Portal credentials together with your application's Client ID and Client Secret to obtain a bearer access token automatically before making API calls.

2. Enter your Experian Developer Portal username in the Username field. This is the email address or username you use to sign in to developer.experian.com.

3. Enter your Experian Developer Portal password in the Password field. This is the same password used to sign in to the Developer Portal.

4. Enter the Client ID for your registered application in the Client ID field. This value was generated when you created your application in the My Apps section of the Developer Portal.

5. Enter the Client Secret for your registered application in the Client Secret field. This confidential key was displayed once at the time of application creation. It is paired with the Client ID to authenticate token requests.

6. Enter the OAuth 2.0 token endpoint URL in the Token URL field. Use https://us-api.experian.com/oauth2/v1/token for production or https://sandbox-us-api.experian.com/oauth2/v1/token for the sandbox environment.

Nexla sends a POST request to the token endpoint with your username, password, client_id, and client_secret to obtain a bearer access token. This token is then included automatically in the Authorization header of all subsequent API calls as Bearer {access_token}. Tokens expire after a set interval — Nexla handles token refresh automatically based on the expiration time returned by Experian.

Save the Credential

7. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

8. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.