Documentation Center

Create a custom application

In addition to the default application provided for Tridion Sites, you can create your own custom applications in Access Management.

Procedure

  1. From the slide-out navigation, select Access Management.
  2. Go to the Applications tab where you can view the list of existing applications.
  3. At the top of the list page, select Register application.
  4. Define the new application with the following details:
    Client ID
    A unique identifier for your custom application, as coded in the application code. After registering the application you can no longer change the ID.
    Name
    The display name of your custom application.
    Allowed authentication flow type
    The authentication flows for retrieving an access token.
    Access Management (as with the OAuth 2.0 framework) supports several different flows. The flow that is best suited for your use case depends on your application type and possibly other factors, such as the level of trust you have for the client.
    Select one of the following flow types:
    AuthorizationCodeWithPkce
    Authorization Code Flow with Proof Key for Code Exchange (PKCE).
    This is the default authentication flow and provides the most secure method for front-end initiated OIDC flows.
    AuthorizationCode
    Authorization Code Flow with no requirement for users to provide a client secret.
    This authentication flow is more secure than Implicit but not as secure as Authorization Code with PKCE.
    Implicit
    Implicit flow is a simple flow that returns an access token immediately without an extra authorization code step.
    This option is not recommenced except for special cases where an authentication code flow is not suitable. Of the three options, it is the least secure and does not allow the use of refresh tokens.
    Allowed redirect URLs
    Application URLs that can return a user to the application following user authentication.
    Define at least one redirect URL.
  5. Click Save.