To participate in OAuth 2.0 flows on Apigee, client apps must be registered.
What is registration?
Registration allows Apigee (the authorization server) to uniquely identify your app. When you register your app, you receive back two keys: a client ID and client secret. The app needs these keys when negotiating for access tokens with the authorization server.
If you want to register a new app:
- Access the Developer Apps page, as described below.
To access the Developer Apps page:
- Open the Apigee UI.
- Select Publish > Apps in the left navigation bar.
- Click + App
- Fill out the form:
- Enter a name and display name for the app.
- Select a developer (you can choose one of the default developers or create your own).
- (Optional) Enter a callback URL. This is used for "three-legged" OAuth grant type
flows. This is where Apigee redirects the user after they complete authentication
(login) with the resource server. It has to be a complete URL, so you might enter something
https://www.example.com. For more about three-legged OAuth, see Implementing the authorization code grant type.
- Add an API product. You can select an existing product or create your own.
- Skip the custom attributes section for now.
- Click Create.
- Find your new app in the list of developer apps and select it.
- Click Show to see the Consumer ID (client ID) and Consumer Secret (client secret) values.