To enable OAuth support for your client application, you must first register your application by providing an application name. For code and implicit grant types, you have to provide a callback URL. Follow the instructions below to add a new application.
- Expand the OAuth/OpenID Connect Configuration and click Configure.
- Fill in the form that appears. For the Allowed Grant Types you can disable the ones you do not require or wish to block.
- Click Add. The following information is added for your service provider.
- OAuth Client Key - This is the client key of the service provider, which will be checked for authentication by the Identity Server before providing the access token.
- OAuth Client Secret - This is the client secret of the service provider, which will be checked for authentication by the Identity Server before providing the access token. Click the Show button to view the exact value of this.
Tip Tip: The OAuth client key and client secret are stored in plain text. To encrypt the client secret, access token and refresh token, do the following:
Open the
identity.xmlfile found in the<IS_HOME>/repository/conf/identitydirectory and change the<TokenPersistenceProcessor>property as follows:Code Block language xml <TokenPersistenceProcessor>org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor</TokenPersistenceProcessor>
When filling out the New Application form, the following should be taken into consideration.
...