> ## Documentation Index
> Fetch the complete documentation index at: https://confidence.spotify.com/llms.txt
> Use this file to discover all available pages before exploring further.

# OAuth Apps

> Learn about Confidence and third-party apps.

export const HowToSchema = ({name, description, steps = []}) => {
  const schema = {
    "@context": "https://schema.org",
    "@type": "HowTo",
    name,
    description
  };
  if (steps.length > 0) {
    schema.step = steps.map((s, i) => ({
      "@type": "HowToStep",
      position: i + 1,
      name: typeof s === "string" ? s : s.name,
      text: typeof s === "string" ? s : s.text || s.name
    }));
  }
  return <script type="application/ld+json" dangerouslySetInnerHTML={{
    __html: JSON.stringify(schema)
  }} />;
};

<HowToSchema
  name="OAuth Apps"
  description="Learn about Confidence and third-party apps."
  steps={[
{
  name: "Create an OAuth App",
  text: "To create an OAuth App, pass a name, description, and callback URLs. Response: After you've created the OAuth App, you receive a clientId and clientSecret that you can use to get an access token from the OAuth API at https://auth.confidence.dev/oauth/token. You may only use one of the following grant types: implicit, authorization_code, or refresh_token. For more information on grant types, see the Auth0 grant types guide. For details on obtaining access tokens, see the Auth0 access token guide.",
},
{
  name: "Get an OAuth App",
  text: "You can get an OAuth App by passing the name of the app to the following endpoint. Response:",
},
{
  name: "Delete an OAuth App",
  text: "You can delete an OAuth App by calling the delete endpoint. This does not revoke any already-issued access tokens.",
},
]}
/>

OAuth Apps is a way for third-party applications to access Confidence on behalf of a user. With an OAuth App, you can, for example, develop your own application that accesses Confidence.

## Create an OAuth App

To create an OAuth App, pass a name, description, and callback URLs.

```bash theme={null}
curl -X POST "https://iam.confidence.dev/v1/oauthApps" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "displayName": "My OAuth App",
    "description": "Test app",
    "logoUri": "https://confidence.spotify.com/logo.png",
    "allowedCallbackUrls": [
      "https://confidence.spotify.com"
    ],
    "allowedLogoutUrls": [
      "https://confidence.spotify.com"
    ],
    "allowedWebOrigins": [
      "https://confidence.spotify.com",
      "http://localhost:3000"
    ]
  }'
```

Response:

```json theme={null}
{
  "name": "oauthApps/vkq6qw3qp6nbefxgbkr0",
  "displayName": "My OAuth App",
  "clientId": "vrBQfwAz8qesNWE84BAImPzCnkAhql7u",
  "clientSecret": "PWySgGDYi5gnxCRTNEI29UFalrlF_m2fhZOiiEw_YFVeCxoPHeQlE5m4kid-WtNB",
  "description": "Test app",
  "logoUri": "https://confidence.spotify.com/logo.png",
  "allowedCallbackUrls": [
    "https://confidence.spotify.com"
  ],
  "allowedLogoutUrls": [
    "https://confidence.spotify.com"
  ],
  "allowedWebOrigins": [
    "https://confidence.spotify.com",
    "http://localhost:3000"
  ],
  "createdBy": "users/xa8cecs2cc9xsz8jvgmc",
  "updatedBy": "users/xa8cecs2cc9xsz8jvgmc",
  "labels": {},
  "createTime": "2023-08-31T11:25:11.536748Z",
  "updateTime": "2023-08-31T11:25:11.536748Z"
}
```

After you've created the OAuth App, you receive a `clientId` and `clientSecret` that you can use to get an access token from the OAuth API at `https://auth.confidence.dev/oauth/token`. You may only use one of the following grant types: `implicit`, `authorization_code`, or `refresh_token`. For more information on grant types, see the [Auth0 grant types guide](https://auth0.com/docs/get-started/applications/application-grant-types). For details on obtaining access tokens, see the [Auth0 access token guide](https://auth0.com/docs/secure/tokens/access-tokens/get-access-tokens).

## Get an OAuth App

You can get an OAuth App by passing the name of the app to the following endpoint.

```bash theme={null}
curl -X GET "https://iam.confidence.dev/v1/oauthApps/vkq6qw3qp6nbefxgbkr0" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
```

Response:

```json theme={null}
{
  "name": "oauthApps/vkq6qw3qp6nbefxgbkr0",
  "displayName": "My OAuth App",
  "clientId": "vrBQfwAz8qesNWE84BAImPzCnkAhql7u",
  "clientSecret": "PWySgGDYi5gnxCRTNEI29UFalrlF_m2fhZOiiEw_YFVeCxoPHeQlE5m4kid-WtNB",
  "description": "Test app",
  "logoUri": "https://confidence.spotify.com/logo.png",
  "allowedCallbackUrls": [
    "https://confidence.spotify.com"
  ],
  "allowedLogoutUrls": [
    "https://confidence.spotify.com"
  ],
  "allowedWebOrigins": [
    "https://confidence.spotify.com",
    "http://localhost:3000"
  ],
  "createdBy": "users/xa8cecs2cc9xsz8jvgmc",
  "updatedBy": "users/xa8cecs2cc9xsz8jvgmc",
  "labels": {},
  "createTime": "2023-08-31T11:25:11.536748Z",
  "updateTime": "2023-08-31T11:25:11.536748Z"
}
```

## Delete an OAuth App

You can delete an OAuth App by calling the delete endpoint. This does not revoke any already-issued access tokens.

```bash theme={null}
curl -X DELETE "https://iam.confidence.dev/v1/oauthApps/vkq6qw3qp6nbefxgbkr0" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
```
