Create OAuth Client Access to Staffbase APIs

Learn how to securely create an OAuth client to enable direct, token-based access to Staffbase APIs for third-party applications and custom integrations.

Employee App
Staffbase Intranet
beta

From the Staffbase Studio, you can create an OAuth client that provides secure, token-based access to Staffbase APIs when integrating with third-party tools or platforms.

OAuth client access allows external applications to interact with the Staffbase platform in a streamlined and secure way. By creating an OAuth client in the Staffbase Studio, you enable standards-based authentication flows that generate scoped access tokens on behalf of users. This setup secures the data exchange and limits your integration to the Staffbase APIs it needs.

For example, in a single-page application (SPA), users sign in with their Staffbase credentials. Once authenticated, they are redirected to a designated page of your choice, and an access token is then dynamically issued to enable secure API access.

Prerequisites

  • You have a clear understanding of which API scopes your integration requires.
  • You have OAuth clients activated for your platform. Contact Staffbase Support or your Customer Success Manager for more information.
  • You have the following:
    • The website URL to which you want to redirect the users after authentication
    • The host URL that matches the domain of your redirect URI

  1. In the Studio, navigate to Settings > OAuth Clients.
  2. Click Create OAuth Client.
    The Create a New OAuth Client dialog opens.
  3. Select SPA to connect to the Staffbase API and click Next.
  4. In the Client Name field, provide a name for the OAuth client.
  5. In the Scopes field, enter the permission scope for the request. For example, use groups:read:all to read the group information.
  6. In the Redirect URI field, provide the URL to which you want to redirect users after authentication.
  7. In the Allowed CORS Origins field, provide the host URL that matches the domain of your redirect URI.
  8. Click Create.
    You have created the OAuth client access. You will be redirected to the OAuth overview page, which contains the details of the access you created.
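
Before entering the values for steps 6 and 7, you can check that the redirect URI and the allowed CORS origin are consistent with each other. The following is an added example and not Staffbase code: `checkOAuthClientValues` and the sample URLs are hypothetical, and the HTTPS and fragment checks reflect general OAuth practice rather than documented Staffbase validation rules.

```javascript
// Added example, not Staffbase code. checkOAuthClientValues and the sample
// URLs in the usage line are hypothetical names and constructed values.
const LOOPBACK = new Set(["localhost", "127.0.0.1", "[::1]"]);

function checkOAuthClientValues(redirectUri, corsOrigin) {
  const problems = [];
  let redirect;
  let origin;

  // Both values must be absolute URLs; a bare "*" or "app.example.com" is not.
  try {
    redirect = new URL(redirectUri);
    origin = new URL(corsOrigin);
  } catch {
    return ["both values must be absolute URLs including the scheme"];
  }

  // General OAuth practice (assumption, not a documented Staffbase rule):
  // HTTPS everywhere except loopback development hosts.
  if (redirect.protocol !== "https:" && !LOOPBACK.has(redirect.hostname)) {
    problems.push("redirect URI should use https");
  }
  // RFC 6749 section 3.1.2: a redirect URI must not carry a fragment.
  if (redirectUri.includes("#")) {
    problems.push("redirect URI must not contain a fragment");
  }
  // A wildcard host never equals the origin a real browser sends.
  if (corsOrigin.includes("*")) {
    problems.push("CORS origin must not contain a wildcard");
    return problems;
  }
  // Browsers send Origin as scheme + host + port only, with no path or query.
  if (origin.pathname !== "/" || origin.search || origin.hash) {
    problems.push("CORS origin must be scheme://host[:port] with no path or query");
  }
  // Step 7: the origin has to match the host the redirect URI lives on.
  if (origin.origin !== redirect.origin) {
    problems.push(`CORS origin ${origin.origin} does not match redirect URI origin ${redirect.origin}`);
  }
  return problems;
}

// Constructed sample values: an empty array means the pair is consistent.
console.log(checkOAuthClientValues("https://app.example.com/callback", "https://app.example.com"));
```

An empty result means the two values agree on scheme, host and port, which is the comparison a browser applies to the `Origin` header on cross-origin API calls.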