Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


OAuth App Authorization with JSA


Apps use the OAuth authorization protocol to authorize the app to access JSA resources.

Configure OAuth parameters in the authentication section of the manifest file. The only mandatory entry is for the "requested_capabilities". When users install the app by using the Extensions Management tool in JSA, they select a user that has the user capability that is defined in "requested_capabilities". When this authorization is configured, the app can access JSA resources.

The following example shows the authentication section in the manifest file.

"authentication": { "oauth2": { "authorisation_flow": "CLIENT_CREDENTIALS", "requested_capabilities": ["ADMIN"] } }

The "authorisation_flow" entry is optional. The only accepted value is "CLIENT_CREDENTIALS".

If the authorization is not configured as CLIENT_CREDENTIALS, the installation fails and returns the following message:

"OAuth flow type X is not currently supported".

The "requested_capabilities" must contain at least one entry. It provides the capability or permissions that the app needs to function in JSA. The app installation fails if the requested_capabilities capability that is configured is not listed in JSA.