OAuth clients page
Key point: Manage third-party applications connected to your PageSeeder server using OAuth 2.0 authentication.

This page lists all the OAuth 2.0 clients defined in PageSeeder. OAuth 2.0 clients can use the PageSeeder service API to connect to PageSeeder, as third-party applications or on behalf of existing members. This is the preferred method for allowing external apps to access PageSeeder.

At the top of the page, you can see the current server time (right) and the total number of registered OAuth 2.0 clients (left).

Search filters

Narrow down the list of clients using these filtering tools:

  • Text filter – Search by client identifier, member name, client name, or app name.
  • Grant type – Filter by specific OAuth grant type.
  • Scope – Filter by one or multiple scopes (shows clients matching all selected scopes).

Clients table

The table displays all registered OAuth clients with sortable columns:

  • Identifier
  • Member
  • Name & Site
  • App name
  • Grant type
  • Scope
  • Created
  • Last token issued

Click the icon beside any column heading to sort the values.

For each client, you can:

  • view button – Preview the client details in the OAuth client panel on the right-hand side.
  • edit – Edit the client details – opens the edit OAuth client panel on the right-hand side.
  • delete – Delete the client.

Registering a client

Click the Register new client button, at the bottom left on the page, to open the create OAuth client panel.

  • Client name – Is a unique name to identify the client.
  • Description – Provides additional information about the client – it is optional.
  • Website – If the client is a Web app, you can provide the URL of the website to help with identifying it.
  • Grant type – Defines the authorization flow used to issue access tokens for the client.

For security reasons, you only select one grant type per client. If your app requires a different grant type, register it using multiple clients.

Client credentials

The credentials used to authenticate the client with PageSeeder are the client ID and client secret. They are normally generated upon registration.

  • The client ID is a unique, 16-characters long, hexadecimal identifier for the client.
  • The secret is a generated security string with high entropy.

If you need to register an existing client, for example, when migrating servers, you can manually specify the client ID and secret.

Editing a client

You can edit every aspect of a client, except for its client ID, in the edit OAuth client panel.

If you change the grant type, it doesn’t affect existing tokens, but new tokens have to use the new authorization flow.

Deleting a client

You delete a client to prevent the third-party app from connecting to PageSeeder. A deleted client can no longer issue new tokens.

Existing tokens aren’t affected and need to be revoked manually.

How to find this page

Administration menu >  System administration > OAuth > Clients