Production Accounts

Production Account Defined

A "Production Account" is a full instance of The Predictive Index (PI) software platform account used by a client or partner to serve ongoing business processes and people. This instance is separate from a Sandbox account used for testing and development, though some testing may occur in a Production account. All PI instances run in the same server environment, whether Production or Sandbox accounts, but they use a completely separate data space. Production accounts are obtained by entering into a client or partner contractual relationship with PI. 

Access Required to a Production Account

To set up and test an API integration with a PI Production instance may require not only access to the API but also the ability to log into the PI instance as an admin user and configure certain settings and/or test certain outcomes. Implementing an integration with a Production account involves three preparation actions: 

  • API Access activation
  • API Key generation
  • Admin user account creation

API Access Activation

By default, PI instances do not have API Access turned on. This must be requested by the client or their PI Certified Partner by sending a request to the PI Customer Service team who can enable API Access. In the request, simply ask to "Ensure that API Access is turned on for ABC Client production PI account." 

API Key Creation

Integration with a production PI instance requires an API Key to be created for use by the integration. This API Key should belong to a new user created for this specific purpose using a name and email address that will become the default contact for assessment takers who have questions about the assessment. 

The Account Owner or Account Admin users for a PI Client have the authority to create such a new user and grant the correct permissions. 

Follow this article to understand the steps and decisions that go into generating a new API Key:

Generating an API Key

If a new email address must be created to serve the API Key Owner user, remember that the integration setup can proceed as soon as the user account is created and an API Key generated. It is not necessary to wait for the email address to be created before the API Key can be activated and installed. However, the new email address should be "real" before actual assessments are sent out using the integra

User Account Creation

Only the PI instance account users with role Account Owner or Account Admin may grant additional users access to that account -- The Predictive Index does not manage users on behalf of clients except by account owner request through the PI Customer Service team.  

A developer of an API integration may require some access to a PI instance as a logged-in user for the purpose of Production go-live configuration and testing. To obtain this access, a developer should contact an account owner or admin user and request that a new Organization User. If access is to be granted by creating a Third-Party User account, the PI Certified Partner must perform this action.

If a developer is an employee of the client organization, they should be given a user account that uses their own name and email address. 

If a developer is not an employee of the client organization but belongs to an integration solution provider who will have an ongoing support relationship with the client, individual Third-Party User accounts can be created by the PI Certified Partner for each developer user. Or it may be useful to create a general user account to be used by the provider team that can be enabled and disabled as needed whenever a member of the provider team must do something. Such a user account might be given a name and email address that include the provider company name, using an email domain that is controlled by the client. For example, for a provider name XYZ Provider and a client name ABC Client, the email address might be xyzprovider.pi.admin@abcclient.com with the name "XYZ Provider Admin". The client should create a real email address to be used for this account that delivers mail to someone who manages the integration developer relationship.

Sending Sensitive Information

Upon creating an API Key or an Admin user account for use by an developer, it is important to avoid sending this information in plain text in an email message. Email messages have an extraordinary tendency of remaining "in the system" for a very long time and therefore potentially exposing sensitive credentials and powerful API Keys to persons who should not access them. Email is not secure.

To send these sensitive pieces of information, one can utilize a temporary encrypted storage service which is accessed by a link that is only useful for a fixed period of time. For example, these services claim to offer secure temporary encrypted message delivery:

Another strategy is to communicate credentials using a chat or messaging tool that supports real deletion of messages.