Creating an OAuth App
Before you can use OAuth 2.0 to authenticate users, you need to register your application with iiniit. This guide will walk you through the process of creating an OAuth app.
Prerequisites
To create an OAuth app, you need:
- An iiniit account
- A clear understanding of your application's requirements
- The redirect URI(s) where users will be sent after authorization
Step 1: Access the Developer Portal
Log in to your iiniit account and navigate to the Developer Portal at Developer Portal.
Step 2: Create a New Application
In the Developer Portal, click on the "Applications" tab, then click the Create App button.
Step 3: Fill Out the Application Details
Fill out the application registration form with the following information:
- Application Name: A descriptive name for your application
- Application Description: A brief description of what your application does
- Application Website: The URL of your application's homepage
- Redirect URIs: One or more URIs where users will be redirected after authorization
- Application Type: Select the type of application you're building (Web, Mobile, Desktop, etc.)
Important: Redirect URIs must be exact matches, including trailing slashes and case sensitivity. For security reasons, wildcards are not allowed.
Step 4: Create the Application
Review your application details and click the "Create Application" button to register your OAuth app.
Step 5: Select Scopes
Select the scopes (permissions) your application needs. Only request the minimum scopes necessary for your application to function.
Step 6: Generate Secrets
After creating your application, you can generate client secrets. These secrets are used to authenticate your application when making API requests.
Step 7: Obtain Client Credentials
After creating your application, you'll be provided with a Client ID and Client Secret. These credentials are used to authenticate your application when making OAuth requests.
Example Client Credentials
Client ID:
abc123def456ghi789jklClient Secret:
xyz987wvu654tsr321qpoSecurity Warning: Keep your Client Secret confidential. Never expose it in client-side code or public repositories.
Step 8: Configure Your Application
Configure your application to use the Client ID and Client Secret for OAuth authentication.
Managing Your OAuth App
After creating your OAuth app, you can manage it from the Developer Portal:
- Edit Application Details: Update your application's name, description, website, etc.
- Modify Redirect URIs: Add or remove redirect URIs
- Update Scopes: Change the permissions your application requests
- Regenerate Client Secret: If your client secret is compromised, you can generate a new one
- Delete Application: Remove your application if it's no longer needed
Next Steps
Now that you've created your OAuth app, you can:
- Learn how to authenticate users with your OAuth app
- Understand authorization and how to request specific permissions
- Learn about refresh tokens and how to maintain long-lived access