Connect to Cloudaware CMDB API using External Client App with OAuth 2.0 Client Credentials Flow

This guide explains how to configure an external client app using OAuth 2.0 Client Credentials Flow for Cloudaware CMDB API access.

Prerequisites

Contact your dedicated technical account manager or tam@cloudaware.com to enable the required Cloudaware User Profile permissions:

Once the permissions are enabled, proceed with the setup.

Log in to the Cloudaware account → Setup:
In a Quick Find bar, search for External Client Apps and select 'External Client App Manager' under Apps:
Click New External Client App:
Set a name and a contact email for the app. The API name will be auto-populated. Leave Distribution State as 'Local':
Collapse the 'Basic Information' section. Expand the 'API (Enable OAuth Settings)' section, and check the box 'Enable OAuth':
Under App Settings, use http://localhost:1717/OauthRedirect as the Callback URL.

Select the following OAuth scopes:

Under Flow Enablement, check the box 'Enable Client Credentials Flow'. Click OK in the popup window:
Under Security, uncheck the box 'Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows' unless it is required on your end:

Click Create.
Ensure that the app has the 'Enabled' status. In the 'Policies' tab, click Edit.
Expand the 'OAuth Policies' section. Check the box 'Enable Client Credentials Flow' and specify the username of a preferred Cloudaware user to run the app.

This user is considered to be a 'running' user of the app. The API will respect the permissions of the specified user while processing the requests.

Click Save. Allow some time for the app to update or manually refresh the page.

Go the tab 'Settings' → expand the 'OAuth Settings' section. Click Consumer Key and Secret:
You will be redirected to an identity verification page. Enter the code sent to the app's contact email to view and copy the the Client ID (Consumer Key) and Client Secret (Consumer Secret).