Protect my backend application

Create a client

In order to use the Astran API V2.1, we should first create a client via the admin console. Clients are entities that can request authentication of a user.

Let's say, we want to protect a backend application with the OpenID connect protocol. First, we should create a client via our admin console. If you don't know how to access your admin console, please refer to this

In your sidebar, click on clients. It will list all available clients in your realm as following:

Client configuration

Now click on the button Create client to create a client and setup your client as following:

General settings

Here we're setting up an OpenID Connect client with backend-app-id as client_ID. This client ID is the most important information here. You will use it after for the login.

Capability config

Now we have to decide which type of authentication flow we want. Here we choose the direct access grant flow. Whit this authentication flow you will obtain an access token without the need to handle some redirection.

Click on the save button

Add the right default scope

Our client is now created. But this client does not have the Astran-api-v2.1 scope. Click on the Client scopes section (not in the sidebar) as following:

Now click on the Add client scope button and add the split-api-v2.1 scope as default:

Our client is now ready to use split-api-v2.1.

See the Getting Started of the Astran API v2.1 for the next step !