Managing OAuth Clients and Scope Updates

Why Can't We Add New Scopes to Existing Clients?

You cannot directly update OAuth scopes due to security concerns, as this could inadvertently grant unintended permissions to existing users of a specific OAuth client. Therefore, HCSS requires creating a new OAuth client whenever you need to modify scopes. This approach ensures that changes to permissions are properly managed and aligned with data access policies and security protocols governed by the Identity service.

Creating a New OAuth Client

To add new scopes to your application, follow these steps to create a new OAuth client:

Creating a New OAuth Client

  • Log in to the Partner Portal : Access the Partner Portal and navigate to the OAuth Clients section.
  • Initiate OAuth Client Creation : Click on Create OAuth Client to begin the process.

Create

Configure Client Details

When setting up your OAuth client, select the scopes you'd like to provide, and ensure to provide the following details:

  • Redirect URL : This should be your application's entry point, typically the login page. It is where users will be redirected after granting permission to access their data.

  • Post Login Callback URL : This is where the HCSS Identity Service will redirect users after authentication. Here, you can retrieve the access token along with the HCSS Company ID. This token enables your application to make API calls on behalf of the authorized company. If the token request fails with a 401 error, users will need to reauthorize their access, similar to the initial authorization process.

Request Customer Approval

After setting up the new OAuth client, inform existing customers about the new version requiring their approval.

  • Manage Multiple Apps : Optionally, manage multiple applications for different integrations or choose to unpublish an existing app when the new version is ready for production.

Additional Resources

For detailed instructions on customer consent and verification, refer to our guide on Connecting to HCSS Companies.

For further assistance or inquiries, please contact our support team through support@hcssapps.com or visit our Help Center.