Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Applications

            Modified on Wed, 30 Jul, 2025 at 4:50 PM

            TABLE OF CONTENTS

            1. Purpose
            2. Important Notes
            3. Step-by-Step Guide To Add an Application
            4. Common Issues
            5. Frequently Asked Questions


            Purpose

            Applications play an important role in connecting users with software systems. They are designed to help users perform various tasks easily. Beyond user interaction, many applications also connect to different software systems using Application Programming Interfaces (APIs)

            This allows smooth communication, data sharing, and integration with other products or services, improving overall functionality and user experience.



            Important Notes

            • Administrator access is required to add and configure an application.



            Step-by-Step Guide To Add an Application

            1. Navigate to Admin > Application and click on blue add button to the top-right


               

                    2. Specify values on the 'Add Application' form



            Enter appropriate values for the following fields:


            Grant FlowsAuthorisation Code
            Used by web or mobile apps with a backend. The user logs in, and the app gets a code which the backend exchanges for an access token. It’s secure because the token isn’t exposed to the browser.

            Client Credentials
            Used for server-to-server access. No user login is needed. The app uses its own credentials to get a token and access APIs directly. Ideal for background services or internal systems.
            Device Code

            Used by devices like TVs or consoles. The device shows a code, and the user logs in on another device. Once approved, the device gets access. Great for devices without browsers or keyboards.

            Redirect URI

            The Redirect URI is the link where the user is sent after logging in and approving access. It must match exactly what’s registered for the app to make sure the response goes to the right place. This helps keep the login process secure and ensures only the right app gets access.


            Scopes

            		Defines what parts of a user’s data the app wants to access, like their email, profile, or basic info. One common scope is public, which usually gives access to general, non-sensitive information. When the user logs in, they see which scopes the app is asking for and can choose to allow or deny them. This helps protect the user by only giving the app the access it actually needs.
            TrustedIndicates whether the application is considered safe and reliable by the system. If an app is marked as trusted, it may skip the user consent screen during login, making the login process faster. This is usually allowed only for apps owned or managed by the same organisation. Marking an untrusted app as trusted can be risky, so it should only be done for apps that are fully verified and secure.
            ConfidentialThis indicates whether the client can keep secrets securely. If the client is marked "Yes," it means it’s a confidential client, such as a web server with a secure backend that can safely store secret information. If marked "No," it refers to public clients like single-page applications (SPAs) or mobile apps that cannot securely store secrets. This distinction helps apply stronger security measures for clients that can keep information confidential.

            Owner 


            		The "Owner" field specifies the user or account that owns the client registration. It links the client application to a particular user or administrator, ensuring clear responsibility and management. This information is required.



            Common Issues & Troubleshooting


            Redirect URI Mismatch

            • Problem: Error saying, 'redirect URI does not match'.
            • Cause: The URI in the app doesn’t exactly match the one registered.
            • Fix: Make sure the redirect URI is identical, including https and trailing slashes.


            Invalid Client Credentials

            • Problem: 'Invalid client ID or secret' error.
            • Cause: Wrong or outdated client ID/secret.
            • Fix: Check the values from your integration settings and update them.

             


            Frequently Asked Questions

            Do I need a redirect URI for all apps?
            Yes, especially for web and mobile apps using Authorisation Code flow. It ensures tokens are sent to the correct place.

            What is a scope, and why is it needed?
            A scope defines what data the app can access. It helps control what permissions the user is giving.

            Can I reuse the same client credentials for multiple apps?
            Not recommended. Each app should have its own client ID and secret for better security and tracking.

            What happens if I mark an app as trusted?
            Users won’t see a consent screen, which can improve UX but should only be done for secure, internal apps. 

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0