Field | Description | |
Name | Specifies the name of the client. The name cannot contain the following characters: & ( ) \ ; , / " : ' < > Note: You cannot create clients with the same Name and Version combination. | |
Version | Specifies the version number of the client. The version cannot contain the following characters: & ( ) \ ; , / " : ' < > Note: You cannot create clients with the same Name and Version combination. | |
Type | Specifies the type of the client according to its ability to communicate with the authorization server. | |
Specify... | When... | |
Confidential | The client is capable of maintaining secure client authentications. When you select client type as Confidential, Integration Server generates a client secret. This client secret will be required by Integration Server when the client makes requests to the OAuth services. Specify Confidential when the OAuth session uses the authorization code grant type, resource owner password credentials grant type, or the client credentials grant type. | |
Public | The client is not capable of maintaining secure client authentications. Specify Public when the OAuth session uses the implicit grant type. For more information, see
Implicit Grant. | |
Description | Optional. Specifies a description of the client. | |
Redirect URIs | Specifies the URIs that the authorization server will use to redirect the resource owner's browser during the grant process. You can add more than one URI at a time by specifying multiple lines, one URI to a line. Press the Enter key to separate lines. If you select the Authorization Code Grant or the Implicit Grant types, you need to enter at least one Redirection URI for the client. | |
Allowed Grants | Specifies the OAuth grant types that the client can use to with Integration Server. Select one or more of the following: Authorization Code Grant Implicit Grant Client Credentials Grant Resource Owner Password Credentials Grant The default is Authorization Code Grant which is the most secure grant type. If you select Authorization Code Grant or Implicit Grant, you need to enter at least one redirect URI for the client. Only confidential clients may use the client credentials and resource owner password credentials grants. You cannot select either of these grants for public clients. If a client requests an access token using a grant that it is not allowed to use, Integration Server will reject the request and return an unauthorized_client OAuth error. |
Field | Description | |
Expiration Interval | Specifies the length of time (in seconds) that the access token is valid. | |
Select... | To... | |
Use OAuth Global Setting | Use the setting specified in the Access token expiration interval field on the OAuth page. This setting is shown in angle brackets. For more information about the Access token expiration interval field, see
Configuring OAuth Settings. | |
Never Expires | Indicate that the access token never expires. | |
Expires in | Specify a specific time interval. Enter the number of seconds that the access token is valid in the field provided. The maximum value is 2147483647. The default is 3600. | |
Refresh Count | Specifies the number of times the access token can be refreshed. Note: Tokens can only be refreshed when using the authorization code grant flow and the resource owner password credentials (ROPC) grant flow. | |
Select... | To... | |
Unlimited | Refresh the access token an unlimited number of times. | |
Limit | Specify the number of times Integration Server can refresh the access token. If you specify any value greater than 0, Integration Server will issue a refresh token to enable the access token to be refreshed the specified number of times. When the access token expires, the client can use the pub.oauth:getToken service to submit a token refresh request to the authorization server. If you specify 0 or leave the Limit field empty, Integration Server does not issue a refresh token. The maximum value is 2147483647. The default is 0. |