Managing OAuth Client Credentials
Overview
Xilnex Auth implements the OAuth 2.0 protocol to govern service-to-service authorization. Client credentials serve as the authentication identity for backend services, enabling them to authorize, or be authorized by, other services within the platform.
Each set of client credentials is scoped to a single service and must be associated with a Project. A Project acts as an organizational container and may hold multiple sets of client credentials.
Before accessing the OAuth Client Configuration, ensure the appropriate role permission has been granted by your system administrator, Click here to see how.
Create New OAuth Client
Step 1 — Create a Project
- Log in to the Xilnex Portal at portal.xilnex.com.
- Navigate to the Developer section.
- Select OAuth Clients under OAuth section.
- Click New to initiate a new Project.
- Complete the Project details and click Save.
| Field | Requirement | Notes |
|---|---|---|
| Project Name | Required | Used as the display identifier for the credential group |
| Description | Optional | Recommended for documentation purposes |
| Created Date | Auto-populated | Defaults to the current date; not editable |
Step 2 — Add OAuth Client to the Project
- Once the Project is saved successfully, under the Project, select Add OAuth Client to create a client credential.
- Complete all required fields and click Save.
- Complete all required fields and click Save.
| Field | Description |
|---|---|
| Client Name | A unique, descriptive name for this set of credentials (between 5 to 50 characters) |
| Application Type | The category of application consuming these credentials |
| App Name | The name of the consuming application (between 5 to 50 characters) |
| App Version | The version identifier of the consuming application |
| Client URI | The application's URI (if applicable) |
| Scopes | The permission scopes required by this client |
Billing - Upon generation of a Client ID and Secret, the application fee will be charged immediately through my registered billing account.
One-Time Secret Visibility - The Client Secret will be displayed only once upon creation. I understand it cannot be retrieved again after this screen is closed. If lost, a new secret must be regenerated, which may affect existing integrations.
Confidentiality Responsibility - User is solely responsible for keeping the Client ID and Client Secret secure and confidential. Sharing or exposing these credentials to unauthorized parties is strictly prohibited.
Misuse Accountability - Any API activity conducted using these credentials is user's responsibility. Xilnex shall not be liable for unauthorized access resulting from credential mishandling.
Revocation Right - Xilnex reserves the right to revoke credentials that are found to be misused, compromised, or in violation of the platform's usage policy.
Edit Project Details
- From the OAuth Client project list, select the Project you wish to modify.
- Update the Project Name and/or Description as needed.
- Click Save to apply changes.
Delete A Project
- From the OAuth Client project list, select the Project you wish to modify.
- Select Delete.
- A confirmation will be prompt.
- Click Confirm to apply changes.
A Project cannot be deleted while it has active Client Credentials. You must remove all associated Client Credentials before the Project itself can be deleted
Edit OAuth Client Details
- Select then Project Name then select the OAuth Client you wish to modify.
- Update the details as needed.
- Click Save to apply changes.
Delete OAuth Client
- Select then Project Name then find the OAuth Client you wish to modify.
- Select More.
- A confirmation message will be shown.
- Enter the Client Name to confirm the action.
- Select Confirm Delete. A message will be shown upon success.
Related Articles
OAuth Project & Client Permission Management
Overview The OAuth Project & Client Permission module controls which roles can access, configure, and manage OAuth projects and client credentials within the system. Permissions are managed under System Configuration > User Roles Permission > All ...Xilnex Auth Integration Guide
Introduction Xilnex Auth implements OAuth 2.0, a widely adopted authorization framework that enables secure access to protected resources by issuing access tokens to client applications. This document provides a comprehensive guide on how to use ...Integrating with Xilnex: Event Triggers & Webhook Configuration
Overview Xilnex Event Hub is an integration framework that enables your system to automatically dispatch real-time notifications to external applications whenever a defined business action occurs — such as completing a sale, creating a client, or ...Available Events: Xilnex Event Hub
Last Updated: 05 May 2026 Sales # Event Name 1 Create Sales 2 Confirm Sales 3 Confirm Sales v2 4 Complete Sales 5 Complete Sales v2 6 Cancel Sales 7 Update Sales 8 Cancel Sales Order 9 Confirm Sales Order 10 Complete Sales Order 11 Post Quotation to ...
Recent Articles
Staff Meal Integration
Staff Meal Integration User Guideline Introduction Staff Meal Integration allows F&B POS to deduct staff meal credit / wallet balance directly from a third-party staff management system when staff purchase meals. This feature is currently supported ...Cancel Print of Full Tax Invoice
Overview In Classic POS, there is a feature called Print Full Tax Invoice, which allows users to generate a full tax invoice for a completed sale. The system must maintain an auditable log whenever a Full Tax Invoice is cancelled. This guideline ...Xilnex API Guide for 3rd party
1. Objective The objective of this API guide is to provide a clear reference for developers and integration partners on how to utilize the Xilnex APIs to establish communication with the Xilnex system. The guide outlines the available endpoints, ...Enabling On The Move 1.0 Access Permission (OTM1.0)
Overview This guide explains how to enable access for users who need to use On The Move 1.0 (OTM 1.0). For OTM 1.0, only one permission is required: Allow to access on the move If this permission is not enabled for the user's assigned user group, the ...Available Events: Xilnex Event Hub
Last Updated: 05 May 2026 Sales # Event Name 1 Create Sales 2 Confirm Sales 3 Confirm Sales v2 4 Complete Sales 5 Complete Sales v2 6 Cancel Sales 7 Update Sales 8 Cancel Sales Order 9 Confirm Sales Order 10 Complete Sales Order 11 Post Quotation to ...
Popular Articles
Basic - How to create a voucher-coupon
Voucher and coupon definition Voucher can be generated in bulk and can be used once Coupon can only be created one at a time (reusable code) and can be use multiple times Pre-voucher / coupon setup There are 2 things need to be prepared before we can ...Understanding DuitNow QR Payment in ClassicPOS
Introduction This document introduces the DuitNow QR payment feature available in the Xilnex Retail POS, enabling merchants to accept payments conveniently through Malaysia's national QR payment standard. The integration of DuitNowQR simplifies the ...Basic - How to change custom cost to another branch that don’t have custom cost
Change custom cost to another branch that don’t have custom cost 1. Get the item list from the location with custom cost (Item Code, Name, Custom Cost) 2. Make sure the Show Location Price are selected 3. Export the item list in Excel 4. The file ...Intermediate - How to Bill & Post to Sales from Transfer Note
1.0 Purpose A bill is required from transfer note when an inventory transfer involves financial transactions, cost allocation, or compliance with tax and accounting regulations. It is used when stock is moved between outlets that operate as separate ...Basic - How to enable E-Receipt Portal and QR Code Setup on Printing format in Xilnex
Enable E-Receipt Portal Enable the E-receipt functionality Once Enabled, you will be getting the E-Receipt portal link Continue under Theme & Styling, enabled for the E-Invoice (LHDN) You can customize the look and feel of the E-Receipt portal ...