Register your application
Before you make requests to Bigin API endpoints, register your application (client) with Bigin's Authorization server. When you register an application, the authorization server assigns OAuth 2.0 client credentials such as Client ID and Client Secret to the application. These credentials are essential in OAuth 2.0 flow to authenticate requests made to the authorization server in order to obtain access key tokens.
To register a new application, follow these steps:
Step 1: Open the API console
Go to Zoho API Console ↗.
If you already have an account in Bigin, sign in to it.
If you don't have an account in Bigin yet, sign up for Bigin.
Step 2: Select a client type
If you are registering an application for the first time, click GET STARTED.
If you already registered an application and want to register a new one, then click + ADD CLIENT.
From the Choose the Client Type window, select one of the following client types as needed:
The client type is the type of application you build.
Step 3: Fill out client details
Based on the selected client type, you must provide the following details and then click CREATE:
- Client Name: Type the name of the application. The client name must not contain special characters except underscore (_) and ampersand (&).
- Homepage URL: Provide the home page URL of your application. For example, https://www.yourdomain.com.
- Authorized Redirect URIs: Provide a webpage URL of your application to which the accounts URL redirects you with an authorization code after the user's successful validation. For example, https://www.yourdomain.com/callback.
- Javascript Domain: Provide a Javascript Domain URL of your application. For example, http://www.your-js-domain.com.
Each client type has a distinct set of details to enter as shown below:
| Client Type | Client Name | Homepage URL | Authorized Redirect URIs | Javascript Domain |
|---|---|---|---|---|
| Client-based applications | ✔ | ✔ | ✔ | ✔ |
| Server-based applications | ✔ | ✔ | ✔ | ✗ |
| Mobile-based applications | ✔ | ✔ | ✔ | ✗ |
| Non-browser applications | ✔ | ✔ | ✗ | ✗ |
| Self client | ✗ | ✗ | ✗ | ✗ |
Step 4: Copy the client ID and secret
Once the registration of your application is complete, you will receive the following credentials that are used to identify your registered application:
- Client ID: A unique identifier that contains the registration information of an application. The authorization server identifies the application using this client identifier. In Bigin, the client ID is a publicly exposed unique string that looks like this:
1000.682FCGL9IO0XAAQY7904YOBT4IHGYL
- Client Secret: A unique key that helps authenticate an application with the authorization server. The client secret is privy to the application and authorization server and must be kept safe. In Bigin, the sample client key looks like this:
bb4169344ea3ef804d96531f8de0ca7a8b6fb7d8dd
If you want to view these credentials in the future, you must re-login to your API console account, select the application you want to access, and then navigate to the Client Secret tab.
Step 5: (Optional) Configure multi-dc for the client
You can now set up the multi-dc configuration for your application. The multi-dc configuration allows you to control the users from different domains to access your application.
To set up multi-dc configuration, in the API console, select the application you want to access and then navigate to the Settings tab. On the Settings tab, from the list of data centers, enable the slider for the data center you want to allow to access your application.
When you enable the data center, the authorization server generates the new client secret for that particular data center users. As an alternative, you can also enable the same client secret for all DCs by selecting the Do you want to use the same client secret in all DataCenters? check box.
What's next!
Learn how authorization processes work for each client