Managing OAuth Client Credentials
Overview
Xilnex Auth implements the OAuth 2.0 protocol to govern service-to-service authorization. Client credentials serve as the authentication identity for backend services, enabling them to authorize, or be authorized by, other services within the platform.
Each set of client credentials is scoped to a single service and must be associated with a Project. A Project acts as an organizational container and may hold multiple sets of client credentials.
Before accessing the OAuth Client Configuration, ensure the appropriate role permission has been granted by your system administrator, Click here to see how.
Create New OAuth Client
Step 1 — Create a Project
- Log in to the Xilnex Portal at portal.xilnex.com.
- Navigate to the Developer section.
- Select OAuth Clients under OAuth section.
- Click New to initiate a new Project.
- Complete the Project details and click Save.
| Field | Requirement | Notes |
|---|---|---|
| Project Name | Required | Used as the display identifier for the credential group |
| Description | Optional | Recommended for documentation purposes |
| Created Date | Auto-populated | Defaults to the current date; not editable |
Step 2 — Add OAuth Client to the Project
- Once the Project is saved successfully, under the Project, select Add OAuth Client to create a client credential.
- Complete all required fields and click Save.
- Complete all required fields and click Save.
| Field | Description |
|---|---|
| Client Name | A unique, descriptive name for this set of credentials (between 5 to 50 characters) |
| Application Type | The category of application consuming these credentials |
| App Name | The name of the consuming application (between 5 to 50 characters) |
| App Version | The version identifier of the consuming application |
| Client URI | The application's URI (if applicable) |
| Scopes | The permission scopes required by this client |
Billing - Upon generation of a Client ID and Secret, the application fee will be charged immediately through my registered billing account.
One-Time Secret Visibility - The Client Secret will be displayed only once upon creation. I understand it cannot be retrieved again after this screen is closed. If lost, a new secret must be regenerated, which may affect existing integrations.
Confidentiality Responsibility - User is solely responsible for keeping the Client ID and Client Secret secure and confidential. Sharing or exposing these credentials to unauthorized parties is strictly prohibited.
Misuse Accountability - Any API activity conducted using these credentials is user's responsibility. Xilnex shall not be liable for unauthorized access resulting from credential mishandling.
Revocation Right - Xilnex reserves the right to revoke credentials that are found to be misused, compromised, or in violation of the platform's usage policy.
Edit Project Details
- From the OAuth Client project list, select the Project you wish to modify.
- Update the Project Name and/or Description as needed.
- Click Save to apply changes.
Delete A Project
- From the OAuth Client project list, select the Project you wish to modify.
- Select Delete.
- A confirmation will be prompt.
- Click Confirm to apply changes.
A Project cannot be deleted while it has active Client Credentials. You must remove all associated Client Credentials before the Project itself can be deleted
Edit OAuth Client Details
- Select then Project Name then select the OAuth Client you wish to modify.
- Update the details as needed.
- Click Save to apply changes.
Delete OAuth Client
- Select then Project Name then find the OAuth Client you wish to modify.
- Select More.
- A confirmation message will be shown.
- Enter the Client Name to confirm the action.
- Select Confirm Delete. A message will be shown upon success.
Related Articles
OAuth Project & Client Permission Management
Overview The OAuth Project & Client Permission module controls which roles can access, configure, and manage OAuth projects and client credentials within the system. Permissions are managed under System Configuration > User Roles Permission > All ...Xilnex Auth Integration Guide
Introduction Xilnex Auth implements OAuth 2.0, a widely adopted authorization framework that enables secure access to protected resources by issuing access tokens to client applications. This document provides a comprehensive guide on how to use ...
Recent Articles
How to Update Client Record in Classic POS
Overview Updating client information is an essential function in ClassicPOS, enabling users to maintain and update existing client records. This ensures that client data remains accurate and up to date for daily operations, reporting, and effective ...How to Create a New Client in Classic POS
Overview This function is created to centralize and manage client information in ClassicPOS. The Client Form allows users to create, update, and maintain customer records, supporting the management of personal information, transaction history, ...POS Hold Bill Feature (Coming Soon!)
Hold Bill Feature – Retail POS 1. Overview The Hold Bill feature allows cashier to temporarily save an ongoing transaction and resume it later. ✅ Enabled by default for Retail POS Designed to improve queue efficiency Prevents loss of sales when ...OAuth Project & Client Permission Management
Overview The OAuth Project & Client Permission module controls which roles can access, configure, and manage OAuth projects and client credentials within the system. Permissions are managed under System Configuration > User Roles Permission > All ...Xilnex Auth Integration Guide
Introduction Xilnex Auth implements OAuth 2.0, a widely adopted authorization framework that enables secure access to protected resources by issuing access tokens to client applications. This document provides a comprehensive guide on how to use ...
Popular Articles
Basic - How to create a voucher-coupon
Voucher and coupon definition Voucher can be generated in bulk and can be used once Coupon can only be created one at a time (reusable code) and can be use multiple times Pre-voucher / coupon setup There are 2 things need to be prepared before we can ...Understanding DuitNow QR Payment in ClassicPOS
Introduction This document introduces the DuitNow QR payment feature available in the Xilnex Retail POS, enabling merchants to accept payments conveniently through Malaysia's national QR payment standard. The integration of DuitNowQR simplifies the ...Basic - How to change custom cost to another branch that don’t have custom cost
Change custom cost to another branch that don’t have custom cost 1. Get the item list from the location with custom cost (Item Code, Name, Custom Cost) 2. Make sure the Show Location Price are selected 3. Export the item list in Excel 4. The file ...Intermediate - How to Bill & Post to Sales from Transfer Note
1.0 Purpose A bill is required from transfer note when an inventory transfer involves financial transactions, cost allocation, or compliance with tax and accounting regulations. It is used when stock is moved between outlets that operate as separate ...Basic - How to enable E-Receipt Portal and QR Code Setup on Printing format in Xilnex
Enable E-Receipt Portal Enable the E-receipt functionality Once Enabled, you will be getting the E-Receipt portal link Continue under Theme & Styling, enabled for the E-Invoice (LHDN) You can customize the look and feel of the E-Receipt portal ...