Skip to content

Spike: OAuth Application management UI #7154

Open
Open
Spike: OAuth Application management UI#7154
Labels
apiIssue related to the REST API
@khvn26

Description

@khvn26
khvn26
opened on Apr 7, 2026

Scope

The OAuth epic (#5227) does not include a user-facing UI for creating or managing OAuth Applications. #7033 (Dynamic Client Registration) only handles public MCP clients. Confidential clients (like an IdP's SCIM client needing client_id + client_secret for client credentials grant) can currently only be created via Django Admin.

Spike whether OAuth Application management should be:

  • A standalone page in Organisation Settings (list, create, revoke Applications)
  • Embedded in feature-specific UIs (e.g. the SCIM tab creates the Application inline)
  • Left to Django Admin for self-hosted, with a managed flow for SaaS

This spike is not blocking the SCIM OAuth integration — Django Admin is a viable fallback for creating confidential OAuth Applications until a UI exists.

Metadata

Metadata

Assignees

No one assigned

    Labels

    apiIssue related to the REST API

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions