Skip to main content
Skip table of contents

Connect to Cloudaware CMDB API using External Client App with OAuth 2.0 Client Credentials Flow

This guide explains how to configure an External Client App using OAuth 2.0 Client Credentials Flow for Cloudaware CMDB API access.

Prerequisites

Required Cloudaware User Profile permissions:

  • View all External Client Apps

  • View all External Client App, view their settings, and edit their policies

  • Create, edit, and delete External Client Apps

Contact your dedicated technical account manager or tam@cloudaware.com to enable the required permissions. Once the permissions are is enabled, proceed with the setup.

Set up the app

  1. Log in to Cloudaware → Setup:

image-20250227-145936.png

  1. In a Quick Find bar, type External Client Apps and select 'External Client App Manager' under Apps:

image-20250227-150123.png

  1. Click New External Client App:

image-20250227-150340.png

  1. Specify a name and a contact email for the app. The API name will be auto-populated. Leave Distribution State as 'Local':

image-20250227-150706.png

  1. Collapse the Basic Information section, expand the ‘API (Enable OAuth Settings)’ section and check the box for 'Enable OAuth':

image-20250227-151047.png

  1. Use http://localhost:1717/OauthRedirect as the Callback URL. Select the following OAuth Scopes:

  • Manage user data via APIs (api)

  • Perform requests at any time (refresh_token, offline_access)

image-20250227-151233.png

  1. Scroll down, check the box for 'Enable Client Credentials Flow' in the Flow Enablement section. Click OK in the popup window:

image-20250227-151533.png

  1. Uncheck the check box 'Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows' in the Security section unless it is required on your end:

image-20250227-151726.png

  1. Click Create. Ensure that the App has the 'Enabled' status:

image-20250227-151919.png

Click Edit in the Policies section.

  1. Expand the OAuth Policies section. Check the box for 'Enable Client Credentials Flow' and specify the username of a desired Cloudaware user.

image-20250227-152332.png

This user is considered to be a 'running' user of the app. The API will respect the permissions of the specified user while processing the requests. 

  1. Click Save. Allow some time for the app to update or manually refresh the page. Click the button Consumer Key and Secret that becomes available in the section 'OAuth Settings':

image-20250227-152815.png

  1. You will be redirected to an identity verification page. Enter the code sent to the app's contact email to view and copy the the Client ID (Consumer Key) and Client Secret (Consumer Secret).

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close