{"_id":"5da8ce8ede3b31016269188b","project":"564e5930c3553e0d003e53d0","version":{"_id":"564e5a9b1560880d008d30dc","project":"564e5930c3553e0d003e53d0","__v":27,"createdAt":"2015-11-19T23:26:19.166Z","releaseDate":"2015-11-19T23:26:19.166Z","categories":["564e5a9b1560880d008d30dd","566318e1f5ca460d00f41896","56631d08cd54d50d005015fa","56631d2a81ad7417006a202c","5668ba19fbd7680d009375f4","5668cb8b10bda80d00797ed9","5668cb9d10bda80d00797eda","56830d8a3f94e00d004e2a7a","56830d9072bb720d0091f594","56830d94cb4d190d0027698e","56830dc44aecbd0d00a464c5","569e90f3c9b43e0d00c4bab1","56a96d338791090d00113bab","56b12d8336d2580d00247877","56c36bf0a869d017002ea55b","56c36bf93d30210d00ea84bb","56c77749b935671700ff0304","56c7ab9e5652c217008e091a","56cb8bdad5c6241d00ef5e61","58aefce02470660f00b54539","58aefd0bebd7370f0078b954","59ca65ca4337830026edf24f","5c33cd9eb47ba20051ac8d64","5c33df728bec1d0063431c34","5c4783ef523219027055513a","5c4f35033400f3010203a999","5d1d0c9f19c3a0003aeb525a"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"Foundation","version_clean":"2.0.0","version":"2"},"category":{"_id":"5d1d0c9f19c3a0003aeb525a","project":"564e5930c3553e0d003e53d0","version":"564e5a9b1560880d008d30dc","__v":0,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2019-07-03T20:14:23.802Z","from_sync":false,"order":2,"slug":"app-integration-development","title":"App / Integration Development"},"user":"5bbfe5dfe752030003c5cb52","__v":0,"parentDoc":null,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2019-10-17T20:26:54.505Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":5,"body":"# Installing OAuth 2.0\n\nInstalling OAuth 2.0 is necessary for app authentication with PagerDuty using the [REST API](https://v2.developer.pagerduty.com/docs/rest-api). You can also review our [sample OAuth 2.0 app](https://github.com/PagerDuty/pagerduty-bulk-user-mgr-sample/blob/master/js/auth.js) for an example of how to build an app that uses OAuth 2.0 authentication.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/5db0078-app-add-oauth.png\",\n        \"app-add-oauth.png\",\n        1286,\n        282,\n        \"#1c1c1c\"\n      ]\n    }\n  ]\n}\n[/block]\n1. On the **My Apps** page in **Developer Mode**, select the app.\n2. On the **Configure App** page under **Functionality**, select the OAuth 2 **Add** button.\n\n1. On the **Add User Authorization** page, enter a **Redirect URL**. PagerDuty will only redirect users to a URL saved to your OAuth configuration. Click **Save**.\n2. *Optional*: add additional redirect URLs to be used by the app.\n3. Under **Tokens**, the app’s **Client ID** and **Client Secret** are displayed. The Client ID is public and will be used to identify the app when it authenticates with PagerDuty. The Client Secret should be stored securely and must not be shared publicly - PKCE does not require the use of client_secret. If the Client Secret has been compromised, select **Regenerate** to create a new Client Secret. \n4. Under **Scopes** and **Set Permission Scopes**, select an option from the drop-down. By default, the app does not have any permissions set. There are two scope options: **Read** or **Read/Write**. These scopes are tied to the user’s permissions. Authenticated users will only be able to read and write to objects that they have access to.\n5. It is recommended to **Add a message to users** to let them know what data the app will access and how the app will utilize that data. This message will be displayed on the **Authorization Required** screen when the user authenticates the app.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/3cf0409-app-authorization-screen.png\",\n        \"app-authorization-screen.png\",\n        1436,\n        614,\n        \"#d94339\"\n      ]\n    }\n  ]\n}\n[/block]\n1. Under **Danger Zone**, there are options to delete OAuth from the app and revoke all user tokens. Deleting OAuth will immediately prevent the app from authenticating with PagerDuty and effectively disable it for all users. Revoking all user tokens will require all users to reauthorize the app on their account. As these actions directly affect the end-users of the app, they should be used with caution.\n2. After configuring OAuth 2.0, select **Save**.\n\nCongratulations! OAuth 2.0 is successfully configured for the app.","excerpt":"","slug":"installing-oauth-2","type":"basic","title":"Add OAuth 2.0 to App"}

Add OAuth 2.0 to App


# Installing OAuth 2.0 Installing OAuth 2.0 is necessary for app authentication with PagerDuty using the [REST API](https://v2.developer.pagerduty.com/docs/rest-api). You can also review our [sample OAuth 2.0 app](https://github.com/PagerDuty/pagerduty-bulk-user-mgr-sample/blob/master/js/auth.js) for an example of how to build an app that uses OAuth 2.0 authentication. [block:image] { "images": [ { "image": [ "https://files.readme.io/5db0078-app-add-oauth.png", "app-add-oauth.png", 1286, 282, "#1c1c1c" ] } ] } [/block] 1. On the **My Apps** page in **Developer Mode**, select the app. 2. On the **Configure App** page under **Functionality**, select the OAuth 2 **Add** button. 1. On the **Add User Authorization** page, enter a **Redirect URL**. PagerDuty will only redirect users to a URL saved to your OAuth configuration. Click **Save**. 2. *Optional*: add additional redirect URLs to be used by the app. 3. Under **Tokens**, the app’s **Client ID** and **Client Secret** are displayed. The Client ID is public and will be used to identify the app when it authenticates with PagerDuty. The Client Secret should be stored securely and must not be shared publicly - PKCE does not require the use of client_secret. If the Client Secret has been compromised, select **Regenerate** to create a new Client Secret. 4. Under **Scopes** and **Set Permission Scopes**, select an option from the drop-down. By default, the app does not have any permissions set. There are two scope options: **Read** or **Read/Write**. These scopes are tied to the user’s permissions. Authenticated users will only be able to read and write to objects that they have access to. 5. It is recommended to **Add a message to users** to let them know what data the app will access and how the app will utilize that data. This message will be displayed on the **Authorization Required** screen when the user authenticates the app. [block:image] { "images": [ { "image": [ "https://files.readme.io/3cf0409-app-authorization-screen.png", "app-authorization-screen.png", 1436, 614, "#d94339" ] } ] } [/block] 1. Under **Danger Zone**, there are options to delete OAuth from the app and revoke all user tokens. Deleting OAuth will immediately prevent the app from authenticating with PagerDuty and effectively disable it for all users. Revoking all user tokens will require all users to reauthorize the app on their account. As these actions directly affect the end-users of the app, they should be used with caution. 2. After configuring OAuth 2.0, select **Save**. Congratulations! OAuth 2.0 is successfully configured for the app.