Create an OAuth App

An OAuth app represents your integration. It holds your credentials, the permissions you ask for, and the URLs users come back to after signing in.

Steps

  1. Sign in to Chess Scanner and open Dashboard → OAuth Apps.
  2. Click New OAuth App.
  3. Fill in the form:
    • Application name: the name users see on the consent screen.
    • Homepage URL: your app's website.
    • Authorization callback URLs: one per line. Users come back here after authorizing, so each URL has to match exactly (scheme, host, and path).
    • Logo URL (optional): shown on the consent screen.
    • Permissions: the scopes your app may request. They start selected, so uncheck the ones you don't need.
  4. Click Register application.
  5. Copy your Client ID and Client Secret right away. The secret is only shown once.

Permissions

ScopeAllows reading
user.readThe user's basic profile (name, email, avatar)
databases.readThe user's databases
games.readGames, single games, PGN export and the changes feed
offline_accessIssues a refresh token for long-lived access

Managing an app

Open an app from the list to:

  • Edit its name, homepage, callback URLs, logo, and permissions. Adding a permission means users have to approve it again the next time they sign in. Removing one only affects new authorizations, since tokens you already issued keep it until they expire.
  • Regenerate the client secret. The old secret stops working right away.
  • Revoke tokens to invalidate every access token at once. Connected integrations then have to sign in again.
  • Delete the app, which permanently revokes all access.

Callback URLs

The redirect_uri you send during authorization has to be one of the registered callback URLs, matched character for character. Register every environment you use, for example:

https://your-app.com/oauth/callback
http://localhost:3000/oauth/callback

Next: Authorization.

Was this page helpful?