Protect my backend application
Create a client
In order to use the Astran API V2.1, we should first create a client via the admin console. Clients are entities that can request authentication of a user.
Let's say, we want to protect a backend application with the OpenID connect protocol. First, we should create a client via our admin console. If you don't know how to access your admin console, please refer to this
In your sidebar, click on clients
. It will list all available clients in your realm
as following:
Client configuration
Now click on the button Create client
to create a client and setup your client as following:
General settings
Here we're setting up an OpenID Connect client with backend-app-id
as client_ID
.
This client ID is the most important information here.
You will use it after for the login.
Capability config
Now we have to decide which type of authentication flow we want. Here we choose the direct access grant flow. Whit this authentication flow you will obtain an access token without the need to handle some redirection.
Click on the save button
Add the right default scope
Our client is now created. But this client does not have the Astran-api-v2.1 scope.
Click on the Client scopes
section (not in the sidebar) as following:
Now click on the Add client scope
button and add the split-api-v2.1 scope as default:
Our client is now ready to use split-api-v2.1.
See the Getting Started of the Astran API v2.1 for the next step !