Protect my front-end application

Create a client

In order to use the Astran API V2.1, we should first create a client via the admin console. Clients are entities that can request authentication of a user.

Let's say, we want to protect a front-end application as Cockpit with the OpenID connect protocol. First, we should create a client via our admin console. If you don't know how to access your admin console, please refer to this

In your sidebar, click on clients. It will list all available clients in your realm as following:

Client configuration

Now click on the button Create client to create a client and setup your client as following:

General settings

Here we're setting up an OpenID Connect client with frontend-app-id as client_ID. This client ID is the most important information here. You will use it after for the login.

Capability config

Now we have to decide which type of authentication flow we want. Here we choose the standard flow, which corresponds to the OAuth2 authorization code flow.

For more informations about this flow see Oauth2 Authorization Code Flow

Click on the save button

Access settings

Finally, we have to put a valid redirect URL which has to point to our front-end application. Be careful, the front end application have to handle correctly the authorization code flow in order to get the access token.

You will end up with:

Add the right default scope

Our client is now created. But this client does not have the split-api-v2.1 scope. Click on the Client scopes section (not in the sidebar) as following:

Now click on the Add client scope button and add the split-api-v2.1 scope as default:

Our client is now ready to use the Astran API v2.1

See the Getting Started of the Astran API v2.1 for the next step !