Third-party applications must be registered in the Authorized Applications section of the Administration module. This process allows the system to identify the application trying to access it.
During registration, the fields for the name of the application and the return URLs must be completed.
Once registered, the system stores the credentials of the registered application (identifier and secret key). They should be used to configure the client application as client_id and client_secret, respectively. The client_secret should neither be divulged nor shared.