# Registering OAuth Apps Register your applications in AccessIQ to enable secure authentication using the OAuth 2.0 / OpenID Connect protocols. ## When to Register an OAuth App Register an OAuth app when you want to: * Let users sign in to your application using their AccessIQ credentials * Access AccessIQ APIs on behalf of a user * Use AccessIQ as the identity layer for your own product ## Creating an OAuth Application 1. Go to **Applications > OAuth Apps**. 2. Click **Add Application**. 3. Fill in the application details: | Field | Description | Required | | ---------------- | ---------------------------------------------------- | ---------------- | | Application name | A descriptive name for the app | Yes | | Application type | Web, Single-Page, Native, or Machine-to-Machine | Yes | | Redirect URIs | URLs where AccessIQ sends users after authentication | Yes (except M2M) | | Logout URIs | URLs where AccessIQ redirects after sign-out | No | | Allowed origins | Permitted CORS origins for browser-based apps | SPA only | | Description | Internal note about the app's purpose | No | 4. Click **Create**. ## Application Types | Type | Use case | Grant type | | ------------------ | ------------------------------------------- | ---------------------------- | | Web | Server-rendered apps (Next.js, Rails, etc.) | Authorization Code | | Single-Page (SPA) | Browser apps (React, Angular, Vue) | Authorization Code with PKCE | | Native | Mobile or desktop apps | Authorization Code with PKCE | | Machine-to-Machine | Backend services, cron jobs, scripts | Client Credentials | ## Credentials After creating an app, AccessIQ generates: * **Client ID** -- a public identifier for your app. Safe to include in frontend code. * **Client Secret** -- a private key used by server-side apps. Keep this confidential. > **Important:** The Client Secret is shown only once at creation. Copy it immediately and store it securely. If lost, you can rotate the secret from the app settings. ## Managing Applications ### Rotate Client Secret 1. Go to **Applications > OAuth Apps** and select your app. 2. Click **Rotate Secret**. 3. Copy the new secret and update your application configuration. 4. The old secret remains valid for a grace period (configurable) to allow a smooth transition. ### Deactivate an Application 1. Select the app and click **Deactivate**. 2. All tokens issued to this app are immediately invalidated. 3. You can reactivate the app later without losing its configuration. ### Delete an Application 1. Select the app and click **Delete**. 2. This action is permanent and revokes all associated tokens. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://accessiq.gitbook.io/accessiq-docs/applications-and-api/oauth-apps.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.