A Client is an external application that can sign in via your divergent Identity instance.
Navigate to "Clients" and then hit "Create Client".
You'll need to provide the following information:
- Name
- Display Names (Localised)
- Permissions
- Redirect URIs (At least 1)
Once created, we will generate the appropriate client secrets for usage in your OAuth application.
When you first create a client, it's created with sensible defaults for your security.
1 Hour
Access tokens should be short lived, requiring client applications to "refresh" them to maintain access.
This allows tokens to be revoked by your users that cannot be refreshed in a time period any longer than 1 hour.
1 Week
For most applications, having a user sign in once per week is appropriate.
Authentication Requirements
PKCE is the best flow for most new client applications.
For M2M, you may change this to Authorization Flow. Note that you may need multiple clients for this to operate the way you intend.