Registering a Client Application

An application must be registered as an OAuth 2 Client using the identity domain. OAuth clients are HTTP clients that can get and then use an access token.

Complete the following steps to use an OAuth client to access identity domains REST API:

1. Sign in to the identity domain using the username and password found in your Welcome email.

2. Create an OAuth client application and make note of the client ID and client secret.

   Note
   
   When you configure the OAuth client application, select the application roles that you want to assign to the application. This enables your application to access the REST APIs that each of those assigned application roles can access. Each application role has scopes assigned to it that define an even more fine-grain level of access to API operations. For example, select Identity Domain Administrator from the list. All REST API operations available to the identity domain administrator will be accessible to the application.

3. Use the client ID and client secret to request an access token from the IAM OAuth Service.

4. Include the access token in the appropriate HTTP header when you make REST API calls.

More Information

• For more information on registering a client application, see Registering a Client Application.

• For more information on grant types, see Access Grant Types.

• To walk through the steps yourself, see Using OAuth 2 to Access the REST API.

• For a list of all available endpoint operations and the application roles required to access them, see AppRole Permissions.

• For a list of which AppRoles can be granted to both clients and users and which can only be granted to clients, see AppRoles That Can Be Granted to Clients and Users.