On this page
OAuth is an open-standard authorization protocol. It allows you to authorize API access to Teamwork Cloud Admin and other modeling tools. Once access has been granted, the authorized application can utilize the API on behalf of the user. Only users with Configure Server permission can create and manage client keys. After creating the key, you must approve it, which can be done in the Client keys (Consumer keys for OAuth 1.0a) data table. When the client key is approved, its status will change to Approved. This feature enables you to easily change the status of client keys, allowing you to control users' sign-in requests.
The client key is unique, but the assigned client name and client secret can be changed. If changes occurred, the Administrator should provide a new client name and secret to the user.
The supported client types are OAuth 1.0a, OAuth 2.0*, and OpenID Connect
*OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. OAuth 2.0 provides consented access and restricts actions of what the client app can perform on resources on behalf of the user, without ever sharing the user's credentials.
Creating the OAuth client keys
To create a OAuth 1.0a client
- In the Settings application, go to the OAuth clients page.
- Select a client type tab - OAuth 1.0a.
You can also choose the Client type in the client creation dialog.
- In the right-bottom corner, click the Create client
button. - In the open dialog, enter the Consumer name and Consumer secret.
- Re-type the consumer secret.
- Click Save.
To create a OAuth 2.0 or OpenID Connect client
- In the Settings application, go to the OAuth clients page.
- Select a client type tab - OAuth 2.0 or OpenID Connect.
You can also choose the Client type in the client creation dialog.
- In the right-bottom corner, click the Create client button.
- In the open dialog, enter the Client name and Client secret.
- Re-type the client secret.
- Enter Redirect URIs. Multiple enties are available by pressing enter after each URI.
- Choose the needed Grant types and Response types.
- Click Save.
When you click the Save bytton, a client key (consumer key for OAuth 1.0a) is immediately generated and added to the Client keys data table. Now, to activate the new client key, you have to approve it.
Supported Grant and Response types
| Client type | Grant types | Response types |
|---|---|---|
| OAuth 2.0 | authorization_code password refresh_token urb:ietf:params:oauth:grant-type:device_code | code token |
| OpenID Connect | authorization_code password refresh_token urb:ietf:params:oauth:grant-type:device_code | code code id_token code id_token token code token id_token id_token token |
Actions with created client keys
To edit the client name, secret, or redirect URIs
- In the client key table, indicate the client key row you want to change.
- At the end of a needed row, click
and select Edit. The confirmation dialog opens. - In this dialog, change the client name, client secret, or redirect URIs (for OAuth 2.0 and OpenID Connect) . Note that the client key is unique and cannot be changed.
- Click Save to save changes.
To approve or disapprove the client key
- In the client key table, indicate the client key row you want to approve (or disapprove).
- At the end of a needed row, click and select Approve (or Disapprove). The confirmation dialog opens.
- In this dialog, confirm that this client key will be approved (or disapproved).
To remove a client key
- In the client key table, indicate the client key row you want to change
- At the end of a needed row, click and select Remove. The confirmation dialog opens.
- Click Remove to permanently remove client key.