Client app management
On the Client apps tab in OAuth Management, you enter details of client apps that you want to have access to your registered APIs. After you enter client app details, the Authorization Server generates a client ID and client secret. Whenever a client app makes a request to a resource within your registered APIs, the Authorization Server validates that request against the information present in OAuth Management. If any of the details such as client ID, client secret, or redirect URI does not match in an inbound request, the Authorization Server rejects the request.