API ReferenceapiidentityPOST /v1/admin/oauth-clients

POST /v1/admin/oauth-clients

Service: identity · operationId: (none)

Register a new OAuth client

Required scopes

(no scope declared — review service config)

Request body

{
  "type": "object",
  "properties": {
    "client_name": {
      "type": "string",
      "minLength": 1,
      "maxLength": 255,
      "description": "Display name for the app"
    },
    "client_type": {
      "type": "string",
      "enum": [
        "confidential",
        "public"
      ],
      "default": "confidential",
      "description": "confidential (server-side) or public (SPA/native)"
    },
    "redirect_uris": {
      "type": "array",
      "items": {
        "type": "string",
        "format": "uri"
      },
      "minItems": 1,
      "description": "OAuth redirect URIs (exact match)"
    },
    "allowed_scopes": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "minItems": 1,
      "description": "Scopes the app may request"
    },
    "allowed_origins": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Allowed CORS origins (SPAs)"
    },
    "client_uri": {
      "type": "string",
      "format": "uri",
      "description": "App homepage URL"
    },
    "logo_uri": {
      "type": "string",
      "format": "uri",
      "description": "App logo URL"
    }
  },
  "required": [
    "client_name",
    "redirect_uris",
    "allowed_scopes"
  ]
}

Responses

201 Client registered — client_secret shown once

{
  "type": "object",
  "properties": {
    "client": {
      "type": "object",
      "properties": {
        "id": {
          "type": "string"
        },
        "client_id": {
          "type": "string"
        },
        "client_name": {
          "type": "string"
        },
        "client_uri": {
          "type": [
            "string",
            "null"
          ]
        },
        "logo_uri": {
          "type": [
            "string",
            "null"
          ]
        },
        "client_type": {
          "type": "string",
          "enum": [
            "confidential",
            "public"
          ]
        },
        "redirect_uris": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "allowed_scopes": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "allowed_origins": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "owner_id": {
          "type": [
            "string",
            "null"
          ]
        },
        "brand_id": {
          "type": "string"
        },
        "is_first_party": {
          "type": "boolean"
        },
        "enabled": {
          "type": "boolean"
        },
        "created_at": {
          "type": "string"
        },
        "updated_at": {
          "type": "string"
        }
      },
      "required": [
        "id",
        "client_id",
        "client_name",
        "client_uri",
        "logo_uri",
        "client_type",
        "redirect_uris",
        "allowed_scopes",
        "allowed_origins",
        "owner_id",
        "brand_id",
        "is_first_party",
        "enabled",
        "created_at",
        "updated_at"
      ]
    },
    "client_secret": {
      "type": [
        "string",
        "null"
      ],
      "description": "Shown ONCE on creation — store securely. Null for public clients."
    }
  },
  "required": [
    "client",
    "client_secret"
  ]
}

400 Validation error

{
  "type": "object",
  "properties": {
    "error": {
      "type": "string"
    },
    "message": {
      "type": "string"
    }
  },
  "required": [
    "error",
    "message"
  ]
}

Example

curl -X POST https://identity.platform.loop.health/v1/admin/oauth-clients \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ ... }'