Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Registering a new client is something that can only be performed by the administration user of the the authorisation server. The admin interface is not publicly exposed:

Creating a new client is explained or adding an extra valid redirect url is explained here

 2 example configurations are available in QA:

...

  • Standard Flow Enabled: YES
  • Implicit Flow Enable: NO
  • Access Type : Confidential
  • Valid redirect url: needs to be provided by client, this is not just a domain but also the scheme! (e.g.: https://my-url.be is ok, my-url.be is not ok)
  • client needs: 
    • client-id (case sensitive)
    • client secret (see credentials tab) → client needs to store this (web)server side, never client side!.

...

Retrieving the access token

...