You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs-v2/pages/rest-api/auth.mdx
+10-9Lines changed: 10 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,23 +6,24 @@ The Pipedream API supports two methods of authentication: [OAuth](#oauth) and [U
6
6
7
7
✅ OAuth clients are tied to the workspace, administered by workspace admins <br />
8
8
✅ Tokens are short-lived <br />
9
-
✅ OAuth clients support scopes, limiting access to specific operations <br />
9
+
✅ OAuth clients support scopes, limiting access to specific operations (coming soon!)<br />
10
+
✅ Limit access to specific Pipedream projects (coming soon!)<br />
10
11
11
12
When testing the API or using the CLI, you can use your user API key. This key is tied to your user account and provides full access to any resources your user has access to, across workspaces.
12
13
13
14
## OAuth
14
15
15
-
Workspace administrators can create OAuth applications in your workspace's [API settings](https://pipedream.com/settings/api).
16
+
Workspace administrators can create OAuth clients in your workspace's [API settings](https://pipedream.com/settings/api).
16
17
17
18
Since API requests are meant to be made server-side, and since grants are not tied to individual end users, all OAuth clients are [**Client Credentials** applications](https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/).
18
19
19
-
### Creating an OAuth application
20
+
### Creating an OAuth client
20
21
21
-
1. Visit your workspace's [API settings](https://pipedream.com/settings/api).
22
-
2. Click the **New OAuth App** button.
23
-
3. Name your app and click **Create**.
24
-
4. Copy the app's client secret. **It will not be accessible again**. Click **Close**.
25
-
5. Copy the app's client ID from the list of OAuth applications.
22
+
1. Visit the [API settings](https://pipedream.com/settings/api) for your workspace.
23
+
2. Click the **New OAuth Client** button.
24
+
3. Name your client and click **Create**.
25
+
4. Copy the client secret. **It will not be accessible again**. Click **Close**.
26
+
5. Copy the client ID from the list.
26
27
27
28
### How to get an access token
28
29
@@ -69,7 +70,7 @@ Access tokens expire after 1 hour. Store access tokens securely, server-side.
69
70
### Revoking a client secret
70
71
71
72
1. Visit your workspace's [API settings](https://pipedream.com/settings/api).
72
-
2. Click the **...** button to the right of the OAuth app whose secret you want to revoke, then click **Rotate client secret**.
73
+
2. Click the **...** button to the right of the OAuth client whose secret you want to revoke, then click **Rotate client secret**.
73
74
3. Copy the new client secret. **It will not be accessible again**.
0 commit comments