Creating an OAuth client for API access
Administrators use Medallia Setup to create an OAuth account that applications need to access APIs. The OAuth account will have a client ID and client secret the application uses to obtain an access token necessary to access the APIs. Additionally, each application should have its own AppID account: an account not associated with a specific user.
- Create an account for the application.
Account name — Descriptive of the application.
Account type — Choose System
Enabled — Must be enabled.
Role — Select a role to assign to the account. The role determines the account's access privileges.
Create an OAuth client account for the application.
Client ID — The client ID to use when making requests.
Client secret — The Client secret value to use when requesting access.
Confidential — Must be enabled.
Grants — Choose Client Credentials Grant (for backend services).
Client subject — Choose the AppID account name you created above.
Provide the Client ID and Client secret to the developer implementing the application that will access the APIs.