Manage OAuth Client in the Agendalink App
Register new OAuth client
To register a new OAuth client in the Agendalink app:
- Go to the Settings page
- Go to the API section
- In the OAuth view click the "Register a new client" button
- Fill out the form with the valid data and click "Save"
- Copy the generated token client ID and client Secret
Make sure to copy and store this secret. We won't show it again after you click Proceed or leave this page.
Edit existing OAuth Client
- Go to the Settings page
- Go to the API section
- In the OAuth view click the overflow menu (…) next to your client, click "Edit"
- Provide changes and click "Save"
Delete an OAuth Client
- Go to the Settings page
- Go to the API section
- In the OAuth view click the overflow menu (…) next to your client, click "Delete"
- Confirm the deletion in the dialog modal
Generating new Client secret
- Go to the Settings page
- Go to the API section
- In the OAuth view click on the client item, it should reveal the client's details
- In the "Client Secret" row click "Generate new"
- Copy newly generated secret
Please note that there is a limit of two secrets per client.
Keep your Client's secret safe
Securing your OAuth client secret is critical, and it should be treated with the same level of confidentiality as passwords. To ensure the safety of your client's secret, refrain from sharing it with others, keep it stored in a secure location, and rotate it frequently to minimize the risk of unauthorized access.
Rotating the Client's secret:
Rotating means generating a new secret to replace the existing one, which can help enhance security and prevent unauthorized access.
To rotate your OAuth client secret, follow these steps:
- Generate a new client secret.
- Update any applications or scripts that use the old client secret with the new one.
- Disable the old client secret to prevent any unauthorized access.
- Test the updated applications or scripts to ensure they function properly with the new client secret.
- Delete the old secret once confirmed that the new one has been successfully applied.
To ensure maximum security, it is recommended to enable only one secret per client as having two active secrets may pose a security risk.