heaerie sso

Register OAuth 2.1 Client

Create a new OAuth client application

Registration Failed

✓ Client Registered Successfully!

Client ID

client-id-here

Client Secret

client-secret-here

⚠️ Save this secret securely. It won't be shown again.

Configuration Summary

📋 Before You Begin

Configure your OAuth 2.1 client settings below. Public clients (SPAs, mobile apps) don't require a client secret. Confidential clients (server-side apps) will receive a client secret after registration.

Basic Information

Client Name *

A human-readable name for your application SPA Example Mobile Example Server Example

0 / 100

Please enter a valid client name

Client Type *

Public Client (SPA, Mobile)

Confidential Client (Server)

Public clients cannot securely store secrets

Description

OAuth Configuration

Redirect URIs *

Where users will be redirected after authorization

Please add at least one valid redirect URI

Post-Logout Redirect URIs

Where users will be redirected after logout (optional)

Grant Types *

Authorization Code (Recommended)

Refresh Token

Client Credentials (Server-to-Server)

Scopes *

profile

email

read

write

Security Settings

Require User Consent

Users must approve access to their data

Require PKCE (OAuth 2.1)

Proof Key for Code Exchange - highly recommended for security

Access Token Lifetime

Seconds (default: 3600 = 1 hour)

Refresh Token Lifetime

Seconds (default: 2592000 = 30 days)

Reuse Refresh Tokens

If unchecked, refresh tokens are rotated (OAuth 2.1 recommended)