POST /oauth/reg

Register your app with Coil

You must register your client app with Coil to be approved for OAuth access.

  1. Sign up for a free Coil account if you don't already have one.

  2. Sign in to your Coil account and then visit https://coil.com/oauth_register.

  3. Fill out the form. All fields are mandatory.

  4. Email support@coil.com and let us know you've submitted the form. Include your client app name.

Field

Description

Client App Name

The name of your app that you'll show to Coil users while they are authenticating.

Redirect URIs

A CSV list of URIs that Coil users can be redirected to after granting access to their resources.

Logo URI

The URI of your app's logo. The logo is shown to Coil users so they know which app is requesting access to their resources.

Terms of Service URI

The URI to your terms of service.

Privacy Policy URL

The URL to your privacy policy.

Remember, you must email us at support@coil.com to let us know you've submitted the form. Coil will review your request and, if approved, send a registration access token to the email address on your Coil account.

Register your app with the OIDC provider

Client apps that want to use resources owned by Coil must register themselves with the OIDC provider.

POST https://coil.com/oauth/reg

The header of your request must include the access token we emailed you.

This request can only be made once. Make sure you save the client_id and client_secret returned in the response.

Request

Query headers

Key

Value

Content-Type

application/json

Authorization Bearer

Bearer REGISTRATION_ACCESS_TOKEN, where REGISTRATION_ACCESS_TOKEN is the token you received via email.

Query parameters

Be sure to include the same redirect URIs you included on the web form.

Parameter

Type

Description

redirect_uris

array of strings

The URIs that Coil users can be redirected to after granting access to their resources.

Example request

curl -X POST https://coil.com/oauth/reg \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer Pb8w98v18ikkZyy26nxXK5OKDDsN6kfEJVmQ2id9tbC' \
-d \
'{
"redirect_uris":["https://example.com"]
}'

Response

The OIDC provider will return a number of parameters in the response. The most important are below. Make sure you save your client_id and client_secret.

Parameter

Type

Description

client_id

string

The identifier for your app that was registered with the OIDC provider.

client_secret

string

The corresponding secret to the client_id.

redirect_uris

array of strings

The registered redirect_uris that will be used.

Example response

{
"application_type": "web",
"grant_types": [
"authorization_code",
"refresh_token"
],
"id_token_signed_response_alg": "RS256",
"require_auth_time": false,
"response_types": [
"code"
],
"subject_type": "public",
"token_endpoint_auth_method": "client_secret_basic",
"introspection_signed_response_alg": "RS256",
"post_logout_redirect_uris": [],
"backchannel_logout_session_required": false,
"request_uris": [],
"authorization_signed_response_alg": "RS256",
"web_message_uris": [],
"client_id_issued_at": 1552957330,
"client_id": "314ac134-fc3c-4d28-bf43-ccb75a2f9fb2",
"client_name": "Example Client",
"client_secret_expires_at": 0,
"client_secret": "uVE2t7y1QvyM78PlBA3aQAUh6syXVw7P2XBr4QDsS2yrkETR6al9YFpH4NDloXh5",
"redirect_uris": [
"https://example.com"
],
"introspection_endpoint_auth_method": "client_secret_basic",
"revocation_endpoint_auth_method": "client_secret_basic",
"registration_client_uri": "https://coil.com/oauth/reg/9aa42050-aa1e-41ae-b1eb-abc14ed9894f",
"registration_access_token": "84a3LeRtn_x06skdje45~x4m8mdqT1qhSizyqpijrzr"
}

Next: Get an access code so your app can request access to an authenticated Coil user's resources.