Register a client app
If a developer wants a client app to use your API content, you first need to register this client app in OAuth Management. The registration process involves entering basic client app details, redirect URIs, and the registered APIs that the client app can access. If desired, you can edit a registered client app at any point in the future.
Before you begin
- Ensure that you registered at least one identity provider to authenticate resource owners. See Register an identity provider.
- Gather all client app details from the application developer who requested the service.
- Go to .
- Select the Client apps tab.
- Click Register client app.
In the Register client app window, in the Client app name field, enter the name under which you want to register the client app.
Resource owners see the client app name on the second consent page when they grant the client app permissions to use their data.
- In the Client app developer field, enter the name of the developer on behalf of whom you are registering the client app.
In the Authorization grant types field, select the authorization grant flow types that the client app can use in communication with the Authorization Server.
The authorization code grant flow sends the client app an authorization code, which the client app exchanges for access and refresh tokens. It’s the most secure option, suitable for confidential client apps. The implicit grant flow sends an access token directly to the client app and is suitable for public client apps. The client credentials flow is best for trusted client apps that act as resource owners.
If you selected Authorization code or Implicit in the grant types, in the Redirect URIs field, enter at least one address where the Authorization Server should redirect the user after a successful authorization of the client app.
The client credentials flow does not use redirect URIs because resource owners in the traditional sense (end users) do not take part in the flow.
In the APIs field, select the registered APIs that you want to make accessible to the client
You can select from registered APIs that meet the following criteria:
- The API is associated with your current account context.
- The API has OAuth 2.0 enabled in API Definitions.
- The API’s hostnames belong to non-mutually-exclusive geographic areas. For example, the hostnames do not point to both China and Russia CDNs.
- The API’s hostnames are associated with the same certificate type. For example, all hostnames use a standard TLS certificate.
The client app appears on the client app list. To edit a registered client app or view the client ID and client secret, click its corresponding Client app name link.
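A pre-registration check of the details gathered from the developer, as an added example that is not part of the original documentation or the product's own code. The dictionary layout, field names, and grant-type identifiers are hypothetical; the redirect URI hygiene checks come from general OAuth 2.0 guidance (RFC 6749, section 3.1.2) rather than from this page, and the geographic-area criterion is not modelled.

```python
from urllib.parse import urlsplit

NEEDS_REDIRECT = {"authorization_code", "implicit"}  # hypothetical identifiers

def check_redirect_uri(uri):
    """General OAuth 2.0 hygiene (RFC 6749 section 3.1.2), not a rule from the page."""
    parts = urlsplit(uri)
    if not parts.scheme or not parts.netloc:
        return [f"{uri}: not an absolute URI"]
    problems = []
    if "#" in uri:
        problems.append(f"{uri}: must not contain a fragment")
    # Assumption: plain HTTP is tolerated only for loopback during development.
    if parts.scheme != "https" and parts.hostname not in ("localhost", "127.0.0.1"):
        problems.append(f"{uri}: not HTTPS")
    return problems

def check_registration(req, catalog):
    """Return a list of problems; an empty list means the details are consistent."""
    problems = []
    grants, uris = set(req["grant_types"]), req.get("redirect_uris", [])
    if not grants:
        problems.append("no authorization grant type selected")
    if grants & NEEDS_REDIRECT:
        if not uris:
            problems.append("selected grant types need at least one redirect URI")
        for uri in uris:
            problems.extend(check_redirect_uri(uri))
    elif uris:
        problems.append("redirect URIs supplied, but no selected grant type uses them")
    for name in req["apis"]:
        api = catalog.get(name)
        if api is None:
            problems.append(f"{name}: not a registered API")
        elif not api["oauth2_enabled"]:
            problems.append(f"{name}: OAuth 2.0 not enabled")
        elif len(set(api["cert_types"].values())) > 1:
            problems.append(f"{name}: hostnames use different certificate types")
    return problems

# Constructed sample data, not taken from any real account.
CATALOG = {
    "orders": {"oauth2_enabled": True, "cert_types": {"api.example.com": "standard"}},
    "legacy": {"oauth2_enabled": False, "cert_types": {"old.example.com": "standard"}},
}
GOOD = {"grant_types": ["authorization_code"], "apis": ["orders"],
        "redirect_uris": ["https://app.example.com/callback"]}
BAD = {"grant_types": ["implicit"], "apis": ["legacy", "missing"],
       "redirect_uris": ["http://app.example.com/cb#frag"]}
if __name__ == "__main__":
    print(check_registration(GOOD, CATALOG), check_registration(BAD, CATALOG), sep="\n")
```
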