Creating an OAuth client for API access

Administrators use Medallia Setup to create an OAuth account that applications need to access APIs. The OAuth account will have a client ID and client secret the application uses to obtain an access token necessary to access the APIs. Additionally, each application should have its own AppID account: an account not associated with a specific user.

  1. Create an account for the application.
    • Account name — Descriptive of the application.

    • Account type — Choose System

    • Enabled — Must be enabled.

    • Role — Select a role to assign to the account. The role determines the account's access privileges.

  2. Create an OAuth client account for the application.

    • Client ID — The client ID to use when making requests.

    • Client secret — The Client secret value to use when requesting access.

    • Confidential — Must be enabled.

    • Grants — Choose Client Credentials Grant (for backend services).

    • Client subject — Choose the AppID account name you created above.

  3. Provide the Client ID and Client secret to the developer implementing the application that will access the APIs.