Skip to content

Cozy OAuth clients doctype


The io.cozy.oauth.clients doctype contain the OAuth clients informations used in the OAuth2 flow.

  • client_id {string}: ClientID, part of the official OAuth Standard
  • client_secret {string}: ClientSecret, part of the official OAuth Standard, generated by the cozy-stack
  • client_secret_expires_at: {timestamp}: When the client secret will expire and will not be usable anymore. By default, it won’t expire
  • registration_access_token {string}: Token used for the web instance onboarding
  • allow_login_scope {bool}: Allow (or not) a login scope generation
  • redirect_uris {[]string}: List of URIs used for redirection after login, declared by the client. Part of the official OAuth Standard
  • grant_types {[]string}: Kind of grant for the client (authorization_code or refresh_token). Part of the official OAuth Standard
  • response_types {[]string}: Kind of responses (code). Part of the official OAuth Standard
  • client_name {string}: Client name
  • client_kind {string}: Client kind (mobile, browser, desktop, …). Optional.
  • client_uri {string}: Client URI. Optional.
  • logo_uri {string}: Client logo URI. Optional
  • policy_uri {string}: Client policy URI. Optional
  • software_id {string}: Client software identifier
  • software_version {string}: Client software version. Optional
  • notifications {object}: Notifications parameters for the client.
  • notifications_platform {string}: Notification platform (android, iOS, …). Optional, declared by the client
  • notifications_device_token: {string}: Token for the notifications. Optional, declared by the client.
  • client_os: {string}: The Operating System of the client, inferred from the user-agent.
  • synchronized_at: {date}: Date of the last synchronization. Used by settings.
  • last_refreshed_at: {date}: Date of the last time an access_token has been given for this client (from an authorization_code or a refresh_token).
  • onboarding_* {string}: onboarding_secret, onboarding_app, onboarding_permissions & onboarding_state are used for an onboarding straight on the mobile.

The official documentation give a more in-depth overview of the OAuth client authorization workflow.