Configuring OAuth Clients & Trusted Domains
When developing applications that interact with the Kinetic Platform, especially locally or via embedded components, you’ll need to set up OAuth Clients and define Trusted Domains to ensure secure, authenticated access.
This guide walks through how to configure both, why they’re needed, and common use cases.
What is an OAuth Client?
An OAuth Client allows external applications to authenticate users securely through the Kinetic Platform using token-based authorization.
You’ll need an OAuth Client if:
- You're building a custom frontend using the Kinetic React libraries
- You want to authenticate API requests outside of the browser session
- You’re enabling third-party tools to integrate with your space
Creating an OAuth Client
To create a new client:
- Go to your Space Console
- Navigate to: Settings > OAuth
- Click New OAuth Client
Fill in the following fields:
Field | Description |
---|---|
Name | A descriptive label (e.g., "Local Dev App") |
Description | Description of what the Client is for |
Client ID | Confidential for server-side apps, Public for browser apps |
Client Secret | Used to authenticate confidential apps; never expose in browser-based code. |
Redirect URI | The URL where users will be sent after authentication (e.g., http://localhost:3000/oauth) |
Once saved, your Client ID and Secret (if applicable) will be available.
Using OAuth for Local Development
To use your OAuth Client in local dev environments:
- Add your Client ID to your app's configuration (e.g., authentication.js in a React project).
- Ensure your redirect URI matches exactly what’s set in the OAuth Client.
- Confirm your local dev domain (e.g., http://localhost:3000) is added to Trusted Domains (below).
Configuring Trusted Domains
Trusted domains help Kinetic distinguish which external resources are allowed to:
- Access platform resources (Trusted Resource Domains)
- Embed Kinetic content in an iframe (Trusted Frame Domains)
This prevents CORS issues and protects against malicious embedding.
To configure:
- Go to your Space Console
- Navigate to: Settings > Security
- Find Trusted Domains
Type | Purpose | Example |
---|---|---|
Trusted Resource Domains | For OAuth redirect URIs, API calls, etc. | http://localhost:3000 |
Trusted Frame Domains | For embedding Kinetic in external portals | https://partner-portal.example.com |
You can list multiple domains, separated by commas.
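An added example, not Kinetic's own code: a pre-flight check for the local development steps and Trusted Domains settings above. The function and field names are hypothetical, the sample values are constructed, and comparing trusted domains by origin is an assumption about how the platform matches them.

```javascript
// Added example: pre-flight check for a local-dev OAuth setup.
// checkOAuthSetup, parseTrustedDomains and the config field names are hypothetical.

// Split the comma-separated Trusted Domains value into normalized origins.
// Entries are assumed to include a scheme, as in the examples on this page.
function parseTrustedDomains(list) {
  return list
    .split(",")
    .map((entry) => entry.trim())
    .filter(Boolean)
    .map((entry) => new URL(entry).origin);
}

function checkOAuthSetup({ appConfig, registeredRedirectUri, trustedResourceDomains }) {
  const problems = [];

  // The redirect URI must match the registered value exactly, so compare the
  // raw strings: a trailing slash or a different port is a mismatch.
  if (appConfig.redirectUri !== registeredRedirectUri) {
    problems.push(
      `redirect URI mismatch: app uses "${appConfig.redirectUri}", client has "${registeredRedirectUri}"`
    );
  }

  // The origin serving the app must be listed under Trusted Resource Domains.
  const origin = new URL(appConfig.redirectUri).origin;
  if (!parseTrustedDomains(trustedResourceDomains).includes(origin)) {
    problems.push(`origin ${origin} is not in Trusted Resource Domains`);
  }

  // Browser-based apps carry only the Client ID, never the Client Secret.
  if ("clientSecret" in appConfig) {
    problems.push("client secret present in browser app configuration");
  }

  return problems;
}

// Constructed sample values, not taken from a real space.
const sample = {
  appConfig: { clientId: "local-dev-app", redirectUri: "http://localhost:3000/oauth/" },
  registeredRedirectUri: "http://localhost:3000/oauth",
  trustedResourceDomains: "https://partner-portal.example.com, http://localhost:3001",
};
console.log(checkOAuthSetup(sample));
```

An empty array means all three checks passed; the sample reports the trailing-slash mismatch and the missing `http://localhost:3000` origin.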
Best Practices
- Use separate OAuth Clients for dev, staging, and production environments.
- Never expose client secrets in browser-based applications.
- When in doubt, start with http://localhost:3000 for dev and expand trusted domains as needed.
- Always test OAuth flow after setup to ensure tokens are returned successfully.
Updated 8 days ago