Creating and configuring this OAuth application is the first part of the authentication process for external applications that wish to interact with the Simpplr API.
There are two parts of the authentication equation:
- First a client application must be created and configured
- Custom code must be written to properly authenticate the client application created in Simpplr
Set Up Your Client Application
In order to authenticate, you must first create an OAuth client application. Once created, the client application must be configured with information unique to your application to ensure proper and secure connections are made.
Following are the steps to create the client application:
- Log in to your Simpplr tenant as the app manager user.
- Click on your profile image in the top right corner.
- Select Manage → Application → Integrations → Client application
- Click the Add client application button to open the following form:
Provide the following information:
- Client application name
- Client application ID-—you can generate any random UUID from here.
- Client application description
- Authorization grant type
- If the intention is to consume Simpplr User API, select Authorization code option. When Authorization code option is selected, also enter
- Client redirect URL—The URL the browser will redirect back to after successful authorization. You will receive an authorization code that can be exchanged to get access token
- Optionally, check the Support state parameter in case you want to verify your request. The state query param will be part for your redirect URL
- If the intention is to consume Simpplr B2B API, select Cllient credentials option
- If the intention is to consume Simpplr User API, select Authorization code option. When Authorization code option is selected, also enter
- Click Save
This will create an OAuth 2.0 client application and will provide you with a client ID, client secret, OAuth authorize URL, and OAuth token URL for the tenant.
- For Authorization code grant response would look as below
-
For Client credentials grant response would look as below
It is recommended to keep the base URL configurable for the OAuth authorize URL and OAuth token URL in your custom code.