getting started

Step 2 - Add an app to your tenant

After you log into to Express, navigate to Applications. This is where you add and manage apps in your tenant.

To add an app to the tenant, click New Application.

alt text

Express works with native apps, single-page apps, web apps, and service (M2M) apps. Each application type requires an authorization flow based on its grant type. When you add an app to the Express console, Express sets the appropriate grant types for you.

On the New Applications page, click an app type.

alt text

Native apps are developed for specific platforms or devices. Examples include the apps you see on mobile phones, and apps dedicated to the MacOS platform.

Single-page apps (SPAs) are OAuth 2 clients that run in a user’s web browser. The user interacts with app code. The app code dynamically rewrites the current web page.

In both native apps and SPAs, code is stored on the device or platform. Express strengthens security for these apps by:

  • Not using a client secret for these apps.
  • Using the Proof Key for Code Exchange (PKCE) extension to Keep Your Apps Secure.

Web apps are OAuth 2 clients which runs on a web server. Resource owners (users) access web apps. The app makes API calls using a server-side programming language. The user has no access to the OAuth 2 client secret, or any access tokens issued by the authorization server.

Service apps are also known as a Machine-to-Machine (M2) apps. M2M apps represent programs that interact with an API, and where no user involvement is necessary. The app is acting on behalf of itself and not on behalf of a user. The app can ask for an access token directly without involving a user in the process at all.