Administrators use Medallia Setup to create an OAuth account that applications need to access APIs. The OAuth account will have a client ID and client secret the application uses to obtain an access token necessary to access the APIs. Additionally, each application should have its own AppID account: an account not associated with a specific user.

1. Create an account for the application.

   • Account name — Descriptive of the application.

   • Account type — Choose System

   • Enabled — Must be enabled.

   • Role — Select a role to assign to the account. The role determines the account's access privileges.

2. Create an OAuth client account for the application.

   • Client ID — The client ID to use when making requests.

   • Client secret — The Client secret value to use when requesting access.

   • Confidential — Must be enabled.

   • Grants — Choose Client Credentials Grant (for backend services).

   • Client subject — Choose the AppID account name you created above.

3. Provide the Client ID and Client secret to the developer implementing the application that will access the APIs.