
OAuth2

Create a client

There is currently no UI for creating an OAuth client, but you can create one by calling POST /oauth2/client with a body like:

{
"name": "Test client",
"type": "web", // One of web, mobile, or server
"redirectUri": [
"http://localhost:3000/claim"
], // An array of redirect URIs; the authorization server only redirects to these exact values
"pkce": false // May only be false for clients that can store a secret safely (server-side code); public clients such as browser or mobile apps must keep it true
}
caution

If the response contains a clientSecret, store it securely right away; it cannot be shown again.

Flows

Authorization code

PKCE

If your OAuth client has no clientSecret, or the pkce option of the client is explicitly set to true, you must use PKCE (RFC 7636): the authorization request carries a code_challenge, and the token request must present the matching code_verifier, so an intercepted authorization code is useless on its own.

Generate the PKCE data
  1. Generate a code_verifier: a high-entropy random string of 43 to 128 characters from the unreserved set (A-Z, a-z, 0-9, "-", ".", "_", "~"), produced with a cryptographic random source.
  2. Decide which code_challenge_method you want to use. Available are sha256 and plain.
    danger

    Use plain only if your client cannot compute a sha256 hash. With plain the code_challenge is the code_verifier itself, so anyone who can observe the authorization request can also redeem the authorization code.

  3. Generate the code_challenge from the code_verifier with the method you chose: for sha256, the unpadded base64url encoding of the SHA-256 digest of the verifier; for plain, the verifier itself.