- Application Name: A name to identify your integration (e.g., “Your Product Name”)
- Callback URL: The URL where users will be redirected after authenticating with CoLoop (e.g.,
https://yourdomain.com/oauth2/callback
) - Application Type: Whether your application is public or private
- Choose private for server-side applications that can securely store credentials
- Choose public for client-side applications (browsers, mobile apps) that require PKCE flow
Response Format
For private applications, you’ll receive the following configuration:client_secret
field and public
set to true
:
Important Security Notes
- For private applications, store the
client_secret
securely as it cannot be retrieved later - Public applications use PKCE flow and don’t receive a client secret
- The provided scopes (
email profile
) allow access to basic user information