Guides
llms.txtMCP
Start typing to search…

Credentials

When integrating with the Candis API, you will require Client ID and Client Secret to authenticate your application. Additionally, since the Candis API utilizes the OAuth 2.0 Authorization Code Flow, you must provide a Redirect URL for seamless redirection during the authentication process.

Client ID and Client Secret

The Client ID and Client Secret are unique identifiers that authenticate your application with the Candis API.

How to Obtain:

You can generate your Client ID and Client Secret directly from the Candis application:

  1. Navigate to Settings > Candis API
  2. In the Credentials section, click Generate new
  3. Fill in the required information:
    • Name: Enter a unique name for this credential set (e.g., "SAGE100" or "Microsoft BC")
    • Redirect URL: Enter your application's redirect URL (a default URL is pre-filled, you can add up to 5 URLs)
  4. Click Generate credentials
  5. Your Client ID and Client Secret will be displayed

Important: The Client Secret is only displayed once during generation and cannot be retrieved afterward. Make sure to:

  • Copy both values or download them as a text file using the Download as text file button
  • Store the Client Secret securely
  • Confirm you've stored the credentials before closing the dialog

Redirect URL

The Redirect URL is a critical component of the OAuth 2.0 Authorization Code Flow. It is the endpoint to which users are redirected after they successfully authenticate.

  • Why It's Needed:
    The Redirect URL ensures secure communication between your application and the Candis API during the OAuth flow.
  • How to Provide:
    Enter your Redirect URL(s) when generating your credentials. You can add up to 5 redirect URLs if needed. The first redirect URL is required; additional URLs are optional.

Managing Your Credentials

After generating credentials, you can:

  • View details: Click on your credential card to see the Client ID, creation date, creator, and configured redirect URLs
  • Delete credentials: Remove credentials when they're no longer needed (this will immediately stop all API access)

Note: You can use the same credentials to connect multiple systems.

Next Steps

Once you have your credentials and Redirect URL configured, you can proceed to implement the OAuth 2.0 Authorization Code Flow in your application. Refer to our OAuth 2.0 Integration Guide.

Updated 6 days ago