OAuth clients page

Key point: Use this page to manage third-party apps that are connected to your PageSeeder server as OAuth 2.0 clients.

This page lists all the OAuth 2.0 clients defined in PageSeeder. OAuth 2.0 clients can use the PageSeeder service API to connect to PageSeeder, as third-party applications or on behalf of existing members. This is the preferred method for allowing external apps to access PageSeeder.

Preceding the table, the current server time is on the right and the total number of applications registered to connect using OAuth2 is on the left. Click the sort icon icon beside any column heading to sort the values: Identifier, Member, Name & Site, App name, Grant type, Created, and Last token issued.

For each client, you can do the following:

  • eye icon view button – click to preview the client details in the OAuth client panel on the right-hand side.

Click the caret-down icon icon to do the following: 

  • pencil icon edit – edit the client details, opens the edit OAuth client panel on the right-hand side.
  • skull icon delete – delete the client.

Registering a client

Click the Register new client button at the bottom left on the page to open the create OAuth client panel.

  • Client name – is a unique name to identify the client.
  • Description – provides additional information about the client but is optional.
  • Website – If the client is a Web app, you can provide the URL of the website to help with identifying it.
  • Grant type – defines the authorization flow used to issue access tokens for the client.
lightbulb icon

For security reasons, you only select one grant type per client. If your app requires a different grant type, register it using multiple clients.

Client credentials

The credentials used to authenticate the client with PageSeeder are the client ID and client secret. They are normally generated upon registration. The client ID is a unique, 16-characters long, hexadecimal identifier for the client. The secret is a generated security string with high entropy.

If you need to register an existing client, for example, when migrating servers, you can manually specify the client ID and secret.

Editing a client

You can edit every aspect of a client except for its client ID, in the edit OAuth client panel.

info-circle icon

If you change the grant type, it doesn’t affect existing tokens, but new tokens have to use the new authorization flow.

Deleting a client

You delete a client to prevent the third-party app from connecting to PageSeeder. A deleted client can no longer issue new tokens.

warning icon

Existing tokens aren’t affected and need to be revoked manually.

How to find this page

Administration menu > tools icon System administration > handshake icon OAuth > Clients