YM Support Home > Technical > API Unfollow 

How to create OAuth App Credentials

Table of Contents

Prerequisites

How to get there

Creating keys
Credentials tab
Redirect URL(s)

Allowed Scopes

App Status

Information tab

Additional Information

FAQs

Prerequisites
In order to create OAuth app credentials, you will need the following:

The Online Community enabled

REST API access enabled

Please Note: If you need these enabled, please open a support ticket to get the process started.

How to get there

After signing into the administrative backend, go to Content & Settings » General Settings » API Con guration, then
click on OAuth Management at the top of the screen.

Don't see this option? This could be that you do not have the Online Community enabled or REST API access. Open a
ticket with support to get this process started.
Support
Creating keys
On load, you will see an empty table with the option to add a new client app. Click on that link to get the process
started.

The con guration is split up between two different tabs: Credentials and Information. The credentials tab holds the
con guration settings for your app like the keys (Client App ID and Client App Secret), Redirect URL(s), Scopes, and
Status. The information tab consists of the developer's information, including a short description about the uses of the
app and an image to identify it.

It is recommended to always name your app rst at the top of the page. Click on the "Edit Name" link and add a new
name. Then click on the "Save" link below the input box.

Credentials tab
As shown in the yellow banner, save the credentials shown in the Client App ID and Client App Secret elds. Although
the App ID can be seen later, the Secret cannot. If you lose the Secret, you will have to regenerate a new secret key.
Redirect URL(s)

Once you have copied the keys to a separate document/area, con gure your Redirect URL(s). A Redirect URL is where
a user is redirected to after authenticating on your YM site. This route is typically a server endpoint where it would get
the authorization code from a query string parameter after a user authorizes the application. This URL must be an
absolute path, and it must be secure (HTTPS). Wildcards are currently not supported.

Many times, you only need one, but there are cases where you might need more. You can add up to 5 keys as needed or
remove any that no longer apply.

Allowed Scopes

Next, determine the scopes that are needed for your application. The Basic Pro le scope is the default that aligns with
the BasicMemberPro le service and must be selected. If your application requires more information and functionality,
you would also select and use the Full Pro le scope (MemberPro le service).

App Status

As a default, this is set to No. Flip this to Yes when you are ready for this application to be live.

Once you have completed all required elds in the Credentials tab, you will see a green checkmark light up in the tab
name.
Information tab
This section is all about the developer's information, the app description, and an optional app image. The developer's
information could easily be your organization's contact information if your organization would be managing this
application's source code or if your organization would be managing any communications if necessary. The description
section is just a way to brie y explain the uses of the application, and the image is just a way to add an image for your
app. This image would appear as an icon for the member when they are managing their authorized applications. Only
one image is available per OAuth App, and it will be scaled down to 150 x 150.

Once you have completed all required elds in this section, you will see a green checkmark next to the Information tab.

When both tabs have been validated, you will be able to save your application. Press the Save button at the top right to
complete this process.

NOTE: Just remember that you will not be able to see your Client App Secret once you press save. You will have to
regenerate the keys when editing the application if you have not saved them elsewhere.
Additional Information
When a user authorizes an app, there will be two ways to revoke this access from YM. On the administrative side, a new
link at the top of the page has been added that reads “Disconnect Authorized Apps” IF AND ONLY IF the user has at
least one active authorization to an external application. If not, it will not be visible on the pro le.

On the frontend, they can see their connected applications by rst clicking on the Information & Settings tab then
clicking on the “Manage Connected Apps” link (formerly “Manage Social Sign-On”).

On that page, you will see any connected external apps under the two default social apps.
Note: Any apps created with OAuth will only appear as options to disconnect if they have been authorized by the user.
FAQs

Is there a limit to how many apps are created?

At the moment, there is no limit. Although that may be the case, we do not recommend creating more
than needed as that could potentially be more app keys out there than necessary.

Why is the delete option is not showing?

In order to delete an app, it rst must be inactive. Once it is inactive, the "Delete" option will be available
when editing an app.

Will YM create apps for me?

We do not offer any custom development services, but we can always assist in queries regarding the
OAuth Management feature.

Was this article helpful? 👍 👎 0 out of 0 found this helpful

Powered by Zendesk