To register applications, you must have a valid account with a role such as customer service representative (CSR), customer administrator, or application developer (called App Developer
To register an application, go to My Account Settings
-> Internal Apps
-> Register App
In the Register App
window, after you provide the name and description of your application, select the Enable API Access via OAuth 2.0 Web Server Flow
In the Access Grant Duration
field, you can set the expiration of the refresh token in days. You can set the value for as many as 90 days, but you might decide to set a lower value for security reasons. The value of the refresh token is not the same as the duration for the access token. Access tokens are used to call actual APIs and live only about two hours. However, you can use the refresh token to obtain a fresh access token without having to restart the OAuth flow.
Still in the Register App
window, specify a callback URL. The callback URL provides an additional level of security so that the redirect URI that comes with each new request can be verified against the callback URL. This security component is important because IBM Connections Cloud sends the authorization code and other confidential and sensitive information to this callback URL.
After you click Register
, you can see your application listed on the Internal Apps
page and access the credentials that were generated during the registration process. You can perform various tasks from this page, such as setting properties and resetting credentials.
The OAuth credentials consist of two parts:
- Client ID: A unique identifier for the application.
- Client secret: A unique key with a maximum of 256 characters that is associated with your application. The client secret never expires, so it should be protected. You can reset the client secret by using the Reset Credentials option on the Internal Apps window.
Connections Cloud supports only secure HTTPS-based callback URLs.
Parent topic: OAuth 2.0 APIs for web server flow
Next topic: Step 2: Obtain authorization code