Getting Client Credentials (Client Id and Client Secret)
šÆ Purpose
Ditto ID Gateway Management console Administrator provides the generated Client ID and Client Secret required for OIDC flow initiation and authorization code exchange.
š Credential Requirements
-
Client ID: Unique identifier for the registered OAuth2 client\
-
Client Secret: Secure secret for client authentication
-
Usage: Required for:
-
Initiating OIDC flow from integrator's login page
-
Exchanging Authorization Code for Access Token
š”ļø Security Considerations
- Secure Storage: Store credentials securely in application configuration\
- Access Control: Limit access to authorized personnel only
- Regular Rotation: Consider periodic credential rotation for enhanced security
- Environment Separation: Use different credentials for different environments
š Reference Documentation
- Detailed Information: Refer to Ditto ID Gateway Manager Admin Manual\
- Section: Enterprise Management section
- Purpose: Credential management and security best practices
Updated 4 months ago