Create application

Admin

New client

Create OAuth application

Define a stable client ID, callback URL, signing keys, and default roles. You can refine OIDC fields now or later in edit.

Client identifier, redirect URL, auth mode, and whether sign-in is blocked.

Application ID *

Lowercase letters, numbers, dots, hyphens, and underscores.

Redirect URI *

Auth mode

Create as disabledWhen checked, OAuth flows are rejected until you enable the client.

Optional overrides; empty fields usually inherit from the main client id and secret below.

OIDC client ID

OIDC client secret

Scopes (comma-separated)

Grant types (comma-separated)

JWT private key material and client secret required by the authorization server.

JWT private key *

Application secret *

Every new user receives these organization roles for this client.

Optional IPv4 or CIDR rules. Leave empty to allow all addresses.