OAuth and Connect flows
Switera provides app-scoped Auth and OAuth-style flows for end-user access. Use this page when your app needs hosted login, consent, tokens, redirect URIs, or device-based flows.
OAuth client information
The Auth settings page can show app-specific OAuth client details such as:
- client ID
- authorize URL
- token URL
- redirect URIs
Use these values from trusted application configuration. Keep environment-specific values separate.
Redirect URIs
Redirect URIs must match exactly.
Good practice:
- use HTTPS in production
- use one URI per environment
- avoid broad wildcard behavior
- remove old callback URLs after migration
- test login after every redirect URI change
Consent
Consent pages explain what the end user is authorizing. Keep consent copy understandable and product-specific.
If consent fails:
- confirm the user is signed in
- confirm the client ID belongs to the app
- confirm redirect URI is allowed
- confirm requested scopes are valid
Device flow
Device flow is useful when a user signs in from a CLI, TV, terminal, or device that cannot easily host a browser callback.
Typical flow:
- The device displays a user code and verification URL.
- The user opens the URL in a browser.
- The user signs in.
- The user confirms the code.
- The device receives authorization.
Hosted Connect pages
Hosted pages can cover:
- login
- consent
- invitations
- device code confirmation
- logout
- forgot password
- magic link verification
Test hosted pages on mobile and desktop before sending real users through them.