Enabling an Application to Use OAuth 2.0

In some cases, you may have an existing application that is not set up for OAuth 2.0. For example, you may have configured an application to authenticate through user credentials, which is not a safe authentication method, and you should not use it.

To enable OAuth 2.0 for an existing application:

  1. Go to Setup > Integration > Managing Integrations, and open the appropriate integration record for editing.


    OAuth 2.0 is only available for RESTlets and REST web services.

  2. Check the Authorization Code Grant box, the Client Credentials (Machine to Machine) Grant, or both.

  3. Chose a scope and check the appropriate box, RESTlets, REST Web Services, SuiteAnalytics Connect, or all of them.

  4. Define the Redirect URI.

  5. (Optional). Choose the Application Logo, Application Terms of Use, and Application Privacy Policy.

  6. (Optional). Check the Public Client box, if you want to allow OAuth 2.0 public clients with this integration.

  7. Select an option from the OAuth 2.0 Consent Policy list.

  8. Click Save.


    The system displays the client ID and client secret only the first time you save the integration record. In cases where an application previously used user credentials as an authentication method, you must reset the client ID and client secret. In cases where the application used TBA, the client ID and client secret are not displayed. You can either use the same values as you used for TBA or reset them to get new values.


    Resetting the client ID and client secret invalidates the previous client ID and client secret. This may invalidate the access token previously used as authentication method of the integration record.

Related Topics

OAuth 2.0
OAuth 2.0 Tasks for Administrators
Getting Started with OAuth 2.0
Create Integration Records for Applications to Use OAuth 2.0
OAuth 2.0 for Integration Application Developers
Troubleshooting OAuth 2.0

General Notices