Skip to main content
POST
/
oauth2
/
clients
Create a new OAuth client
curl --request POST \
  --url https://api.provident.ae/v2/oauth2/clients \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "redirectUris": [
    "https://api.provident.ae/auth/callback"
  ],
  "allowedScopes": [
    "<string>"
  ],
  "tokenLifetimeSeconds": 3600,
  "rateLimitCount": 200,
  "rateLimitWindowSeconds": 43200,
  "ipRestriction": false,
  "allowedIps": []
}
'
{
  "id": "<string>",
  "clientId": "<string>",
  "clientSecret": "<string>",
  "name": "<string>",
  "redirectUris": [
    "<string>"
  ],
  "allowedScopes": [
    "<string>"
  ],
  "isActive": true,
  "createdAt": "2023-11-07T05:31:56Z",
  "updatedAt": "2023-11-07T05:31:56Z",
  "tokenLifetimeSeconds": 123,
  "rateLimitCount": 123,
  "rateLimitWindowSeconds": 123,
  "ip_restriction": true,
  "allowedIps": [
    "<string>"
  ]
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
name
string
required
redirectUris
string[]
required

List of allowed redirect URIs

allowedScopes
string[]
required

List of allowed scopes

tokenLifetimeSeconds
enum<number>
default:3600

Token lifetime in seconds. Set to 0 for non-expiring token. Allowed values: 0 (non-expiring), 3600 (1h), 10800 (3h), 21600 (6h), 43200 (12h), 86400 (24h). Defaults to 3600 (1h).

Available options:
0,
3600,
10800,
21600,
43200,
86400
rateLimitCount
number
default:200

Maximum number of requests allowed within the window. Set to 0 for unlimited. Defaults to 200.

Required range: x >= 0
rateLimitWindowSeconds
number
default:43200

Rate limit window size in seconds. Defaults to 43200 (12 hours).

Required range: x >= 1
ipRestriction
boolean
default:false

Enable IP restriction for this client. Defaults to false.

allowedIps
string[]

List of allowed IPs/CIDRs if restriction is enabled. Defaults to empty.

Response

id
string
required
clientId
string
required
clientSecret
string
required
name
string
required
redirectUris
string[]
required
allowedScopes
string[]
required
isActive
boolean
required
createdAt
string<date-time>
required
updatedAt
string<date-time>
required
tokenLifetimeSeconds
number
required

Token lifetime in seconds

rateLimitCount
number
required

Maximum requests allowed per window. 0 means unlimited.

rateLimitWindowSeconds
number
required

Rate limit window size in seconds

ip_restriction
boolean
required

Whether IP restriction is enabled

allowedIps
string[]
required

List of allowed IPs/CIDRs