Skip to main content

Documentation Index

Fetch the complete documentation index at: https://apyguard.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Overview

OAuth2 Client Credentials is used when a machine identity requests tokens directly from the provider without an end-user login.

Configure OAuth2 Client Credentials in ApyGuard

  1. Go to Start Scan → Authorization Settings.
  2. Create a new authorization setting.
  3. Choose OAuth2 Client Credentials.
  4. Enter a descriptive Authorization Setting Name.
  5. Configure token format and token location.
  6. Select the API server so ApyGuard can detect OAuth2 configuration.
  7. Review the detected OAuth2 metadata.
  8. Create or select the matching client credentials record.
  9. Save the authorization setting.

Required credential fields

Create a credential record with:
  • Client ID
  • Client secret
  • Scopes

What users review in the UI

Server-aware detection

ApyGuard uses the selected API server to detect OAuth2 provider details before the setting is saved.

Machine credential pairing

The authorization setting is linked to a credential containing client ID, client secret, and scopes for the machine identity.

Best fit

Use this method when:
  • The API is consumed by backend services or integrations
  • No human login is required
  • The provider supports the client credentials grant

What to verify

  • The token endpoint matches the provider configuration
  • The requested scopes are allowed for the client
  • The client secret belongs to the correct environment