Security Manager

OAuth2 Client Maintenance

OAuth2 Client Maintenance is used for adding and maintaining OAuth2 clients. OAuth2 clients are required to access PxPlus Web services that have access restricted either via NOMADS security on the query or report or by security enabled in Web Services Maintenance. For information on how to access restricted PxPlus Web services, see Access OAuth2 Restricted Web Service.

OAuth2 allows for strong security by properly managing OAuth2 clients. If a user's system has been compromised, you can change the client secret, thus revoking the compromised credentials access. If a user no longer needs access or access needs to be revoked, the client can be deleted, thus revoking the user access.

OAuth2 clients can be managed programmatically and/or without a GUI. See OAuth2 Clients Object.

Important Note:
You must first set up Security Classifications and at least an ADMIN User prior to setting up OAuth2 clients.

(The OAuth2 Client Maintenance utility was added in PxPlus 2021.)

To invoke OAuth2 Client Maintenance, use one of the following methods:

Location

Method

From the PxPlus IDE Main Launcher (Windows)

Expand the Security category and select OAuth2 Client Maintenance.

From the PxPlus Web IDE

Select Security > OAuth2 Client Maintenance.

The following window is displayed:

This window consists of the following:

Name

Name of the OAuth2 client. Existing clients are displayed in the list box.

Create

Invokes a separate panel for creating an OAuth2 client. See Create/Update OAuth2 Client.

Update

Invokes a separate panel for updating an existing OAuth2 client. See Create/Update OAuth2 Client.

Delete

Deletes the selected OAuth2 client from your system.

Warning!
Deleting a client will revoke access to any secured PxPlus Web services for any user using that client.

Exit

Closes OAuth2 Client Maintenance.

Create/Update OAuth2 Client

OAuth2 Client Maintenance is used for creating a new or updating an existing OAuth2 client.

This window consists of the following:

Name

Text input field for the name of the new OAuth2 client. (Will be Read Only if updating an existing OAuth2 client.)

Client ID

(Read Only) Auto-generated client ID. The client ID cannot be changed for an existing client.

Client Secret

(Read Only) Auto-generated client secret. The client secret can be changed by using the Generate New Secret button.

Security Class

Drop down list of the defined security classes. The security class defines what access this OAuth2 client has to the system.

Copy Client Credentials

Copies the client ID and client secret to the Clipboard as client_id:client_secret. This is useful for sharing the client credentials with users.

Generate New Secret

Generates a new client secret. This is useful for revoking access to a possibly compromised client.

Save

Saves the newly created/updated OAuth2 client and returns to the OAuth2 Client Maintenance main panel.

Cancel

Cancels the creating or updating of the OAuth2 client without saving any changes and returns to the OAuth2 Client Maintenance main panel.