CRM Open API Documentation

OAuth Applications Management

Admins can register OAuth Applications in CRM so that external or first‑party apps can obtain access tokens for client portal users.

Register an OAuth Application

An admin can register a new OAuth Application in CRM Backoffice -> Dev Space -> OAuth Applications.

Create OAuth Application

  • For a Public Client, only the Authorization Code + PKCE flow is supported. You must register your allowed redirection URL(s).
  • For both Public and Confidential Clients, you must register the allowed IP(s) for your application(s).

After you register an OAuth Application, the following page is displayed.

View OAuth Application

  • Store the Client ID and Client Secret securely in your application.
  • The Client Secret is displayed only once. If you lose it, you can generate a new one by clicking the "Rotate" button.

Security Tips

  • Rotate client_secret periodically for confidential clients.
  • Remove stale redirect URIs.
  • Revoke clients that are no longer in use.
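
The registration rules and security tips above can be checked periodically against your own inventory of registered applications. The following is an added example, not code from the CRM or its documentation: the record schema, the field names, the grant-type labels, the CIDR notation for allowed IPs, and the 90-day and 180-day thresholds are all assumptions.

```python
from datetime import datetime, timedelta, timezone
from ipaddress import ip_network

# Assumed policy thresholds; the CRM documentation does not specify any.
MAX_SECRET_AGE = timedelta(days=90)
MAX_IDLE = timedelta(days=180)

def audit_app(app, now):
    """Return findings for one OAuth Application record (hypothetical schema)."""
    findings = []
    public = app["client_type"] == "public"
    # Public clients: Authorization Code + PKCE only, redirect URL(s) required.
    if public and app["grant_types"] != ["authorization_code_pkce"]:
        findings.append("public client must use Authorization Code + PKCE only")
    if public and not app["redirect_uris"]:
        findings.append("public client has no registered redirect URL")
    # Both client types must register allowed IP(s); an allow-all entry defeats that.
    if not app["allowed_ips"]:
        findings.append("no allowed IPs registered")
    for entry in app["allowed_ips"]:
        if ip_network(entry, strict=False).prefixlen == 0:
            findings.append(f"allowed IP entry matches every address: {entry}")
    # Security tips: stale redirect URIs, secret rotation, unused clients.
    for uri in app["redirect_uris"]:
        if uri not in app["redirect_uris_in_use"]:
            findings.append(f"stale redirect URI: {uri}")
    if not public and now - app["secret_rotated_at"] > MAX_SECRET_AGE:
        findings.append("client_secret overdue for rotation")
    if now - app["last_token_issued_at"] > MAX_IDLE:
        findings.append("client unused, candidate for revocation")
    return findings

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample inventory, not real CRM output.
NOW = utc(2025, 10, 28)
APPS = [
    {"name": "mobile-app", "client_type": "public",
     "grant_types": ["authorization_code_pkce"],
     "redirect_uris": ["https://app.example.com/cb", "https://old.example.com/cb"],
     "redirect_uris_in_use": ["https://app.example.com/cb"],
     "allowed_ips": ["203.0.113.10"], "secret_rotated_at": None,
     "last_token_issued_at": utc(2025, 10, 20)},
    {"name": "legacy-sync", "client_type": "confidential", "grant_types": ["ropc"],
     "redirect_uris": [], "redirect_uris_in_use": [],
     "allowed_ips": ["0.0.0.0/0"], "secret_rotated_at": utc(2025, 1, 5),
     "last_token_issued_at": utc(2025, 2, 1)},
]

if __name__ == "__main__":
    for app in APPS:
        print(app["name"], audit_app(app, NOW))
```
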
Last Updated: 10/28/25, 2:41 AM