Skip to main content

Setup advice and best practice

Atomic can be set up and configured to suit your needs, from separating production and pre-production concerns, to managing workbench members and API credentials.

Where to manage your Atomic configuration

The Atomic Workbench is the primary interface for configuring and managing your Atomic account, but we also enable your team to manage many aspects of your Atomic setup directly via our Admin API.

ConfigurationManageable in WorkbenchManageable via API
Author a new Card Yes Not recommended.
Note: Card definition JSON schema, while open, is considered private, and may change at any time. Our current recommendation is therefore to author new cards in the Workbench.
Add/update Card and legacy event definitionsYesNot supported
Manage Workbench MembersYesNot supported
Manage Admin API creds/secretsYesNot supported
Manage EnvironmentsYesNot supported
Manage Customer API creds/secretsYesYes. Note: IP Restrictions are a planned upgrade to this capability.
Manage SNS platformsYesYes
Manage WebhooksYesYes
Manage StreamsYesPlanned
Manage Stream ContainersYesPlanned
Manage Client KeysYesPlanned
Manage ThemesYesPlanned
Manage ConnectorsYesNot supported

Environment configuration and access

Atomic customers are typically given one Organization. Each organization contains multiple Environments. Each Environment within an organization is a separate space, with separate configuration.

At a minimum, you will want a Production environment, and you can optionally have one or more additional environments to match your internal setup, for example, your Development, and Test environments.

Workbench members with the 'Environment' resource can manage your organization’s environments within the workbench.

Add an environment

Manage options

Click the 'manage' button in the bottom left corner > Environment > Add environment.

To switch environments in the Workbench, select the drop-down menu near the top left corner in the workbench, and select the Environment you want to switch to.

Switch environments by selecting the dropdown menu in the top left corner Switch environments by selecting the dropdown menu in the top left corner

Managing API credentials

All API credentials are environment-scoped, and each credential is further scoped to the required context. This means you will need to create at least one pair of API credentials for each environment you wish to programmatically access. You can create as few, or many, API credentials as suits your workflow.

API credentials are not associated to with specific workbench members.

Only workbench members with the 'API Authentication controls' resource can manage API credentials within the Workbench. The 'view' permission allows listing the available credentials, 'edit' is required to create or delete and to view credential secrets.

API credentials may only be managed programmatically by a credential pair with the role auth, and may only rotate credential pairs with non-auth roles. auth credential pairs must be rotated manually in the Atomic Workbench.

There are three API credential scopes:

RoleAuthorized to
AuthUsed only to create and rotate other credentials
WorkbenchUsed to manage workbench resources such as cards and SNS platforms
EventsUsed to create cards, and manage customers

Managing workbench user access

Any workbench member invited to an organization is given access within the Environments based on their role, which can be configured to suit your specific needs in Permissions.

By default a new Atomic organization comes with three groups (Owner, Admin, and Editor), each with default permission levels outlined in the Permissions for Default Roles table.

Tips & Tricks

We've moved these into a separate Tips and tricks page.