As a developer I want to be able to manage my OAuth Applications

Question

Opened this issue 3 years ago · 0 comments

Acceptance Criteria

A tab exists on a developer's profile page named "developer"
A method of creating new OAuth clients exists
A list of all OAuth clients belonging to the user exists with the following criteria:
- The listing contains the client's ID, name, and redirect URI.
- The listing contains a delete button, which will also confirm the user's choice to delete when first pressed.
- The listing contains a "revoke tokens" button which presents the user with a modal which completes the revocation process.
  - The modal must contain an input for the client secret to be used in the authentication process for the API endpoint.

This feature has been partially implemented with a half-baked UI. We should revisit it someday soon.

The API requires the following request to delete a client:
(This may change to include the client secret soon)

DELETE /clients/:id
Authentication: Bearer <token>

The API requires the following request to revoke all tokens:

POST /oauth/revokeAll
Authentication: <ClientId>:<ClientSecret>