Skip to main content
Skip table of contents

Connect to Cloudaware CMDB API using External Client App with OAuth 2.0 Client Credentials Flow

This guide explains how to configure an external client app using OAuth 2.0 Client Credentials Flow for Cloudaware CMDB API access.

Prerequisites

Contact your dedicated technical account manager or tam@cloudaware.com to enable the required Cloudaware User Profile permissions:

  • View all External Client Apps

  • View all External Client App, view their settings, and edit their policies

  • Create, edit, and delete External Client Apps

Once the permissions are enabled, proceed with the setup.

Set up the app

  1. Log in to the Cloudaware account → Setup:

    CMDB - External Client App - setup.png

  2. In a Quick Find bar, search for External Client Apps and select 'External Client App Manager' under Apps:

    CMDB - External Client App - search for External Client Apps.png

  3. Click New External Client App:

    CMDB - External Client App - click New External Client App.png

  4. Set a name and a contact email for the app. The API name will be auto-populated. Leave Distribution State as 'Local':

    CMDB - External Client App - set up basic info.png

  5. Collapse the 'Basic Information' section. Expand the 'API (Enable OAuth Settings)' section, and check the box 'Enable OAuth':

    CMDB - External Client App - check the box Enable OAuth.png

  6. Under App Settings, use http://localhost:1717/OauthRedirect as the Callback URL. 

    Select the following OAuth scopes:

  • Manage user data via APIs (api)

  • Perform requests at any time (refresh_token, offline_access)

    CMDB - External Client App - select OAuth Scopes.png

  1. Under Flow Enablement, check the box 'Enable Client Credentials Flow'. Click OK in the popup window:

    CMDB - External Client App - click OK.png

  2. Under Security, uncheck the box 'Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows' unless it is required on your end:

    CMDB - External Client App - uncheck the box Require Proof Key for Code Exchange (PKCE).png


    Click Create.

  3. Ensure that the app has the 'Enabled' status. In the 'Policies' tab, click Edit.

    CMDB - External Client App - check the app status and edit policies.png

  4. Expand the 'OAuth Policies' section. Check the box 'Enable Client Credentials Flow' and specify the username of a preferred Cloudaware user to run the app.

    CMDB - External Client App - check the box Enable Client Credentials Flow.png

This user is considered to be a 'running' user of the app. The API will respect the permissions of the specified user while processing the requests. 


Click Save. Allow some time for the app to update or manually refresh the page.

  1. Go the tab 'Settings' → expand the 'OAuth Settings' section. Click Consumer Key and Secret:

    CMDB - External Client App - click Consumer Key and Secret.png

  2. You will be redirected to an identity verification page. Enter the code sent to the app's contact email to view and copy the the Client ID (Consumer Key) and Client Secret (Consumer Secret).

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.