Create an application


Create an OAuth application in Resource Access Management (RAM) to get user information or access Alibaba Cloud APIs.

Background

To serve users on both the Alibaba Cloud China site and International site, create a separate application on each site.

Procedure

  1. Log on to the RAM console as a RAM administrator.

  2. In the left-side navigation pane, choose Integrations > OAuth (Preview).

  3. On the Enterprise Applications tab, click Create Application.

  4. On the Create Application page, configure the application parameters.

    1. Enter the Application Name and Display Name.

    2. Select the OAuth Protocol Version.

      • 2.0: Follows the OAuth 2.0 specification.

      • 2.1: Follows the OAuth 2.1 specification, supporting dynamic client registration but not fixed secret validation.

    3. Select the Application Type.

      • Web Application: A browser-based application.

      • Native Application: An application that runs locally on a desktop or mobile operating system.

      • Server Application: An application that directly accesses Alibaba Cloud services without user sign-in. Currently, only user provisioning applications based on SCIM are supported. For an example, see Provision users to Alibaba Cloud RAM using SCIM.

    4. Set the Access Token Validity Period.

      An access token is valid for 900 to 10,800 seconds (15 minutes to 3 hours). The default is 3,600 seconds (1 hour).

    5. For Web and native applications, set the Refresh Token Validity Period and Callback URL.

      • Refresh Token Validity Period: A refresh token is valid for 7,200 to 31,536,000 seconds (2 hours to 1 year). The default is 2,592,000 seconds (30 days).

      • Callback URL: The URL where the authorization server redirects the user after they grant authorization. Use it to receive an authorization code or perform follow-up actions. Use an HTTPS URL, for example, https://example.com/authcallback.

    6. Add an OAuth Scope to limit the application's permissions when acting on behalf of a user.

      You can also add an OAuth scope after you create the application. For more information, see Manage OAuth scopes.

  5. Click Create Application.
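
A pre-flight check of planned settings against the limits in the procedure above, as an added example that is not Alibaba Cloud code. The function name, dictionary keys and type labels are hypothetical; the no-fragment rule comes from RFC 6749 section 3.1.2, and the expiry-order and exact-host checks are extra sanity checks that this page does not state.

```python
from urllib.parse import urlsplit

# Limits in seconds, as stated in the procedure above.
ACCESS_RANGE, ACCESS_DEFAULT = (900, 10_800), 3_600
REFRESH_RANGE, REFRESH_DEFAULT = (7_200, 31_536_000), 2_592_000
APP_TYPES = {"web", "native", "server"}  # hypothetical labels for the three types


def check_app_settings(settings):
    """Return a list of problems in a planned application configuration.

    `settings` is a plain dict with hypothetical keys, not a RAM API payload.
    """
    app_type = settings.get("type")
    if app_type not in APP_TYPES:
        return [f"unknown application type: {app_type!r}"]
    problems = []
    access = settings.get("access_token_seconds", ACCESS_DEFAULT)
    if not ACCESS_RANGE[0] <= access <= ACCESS_RANGE[1]:
        problems.append(f"access token validity {access}s is outside 900-10800")
    if app_type == "server":
        # The page sets refresh token and callback URL only for web and native apps.
        for key in ("refresh_token_seconds", "callback_url"):
            if key in settings:
                problems.append(f"{key} does not apply to a server application")
        return problems
    refresh = settings.get("refresh_token_seconds", REFRESH_DEFAULT)
    if not REFRESH_RANGE[0] <= refresh <= REFRESH_RANGE[1]:
        problems.append(f"refresh token validity {refresh}s is outside 7200-31536000")
    elif refresh < access:
        # Added sanity check (not from the page): the two ranges overlap.
        problems.append("refresh token would expire before the access token")
    parts = urlsplit(settings.get("callback_url", ""))
    if parts.scheme != "https" or not parts.hostname:
        problems.append("callback URL must be an absolute HTTPS URL")
    if parts.fragment:
        problems.append("callback URL must not contain a fragment (RFC 6749, 3.1.2)")
    if parts.username or "*" in (parts.hostname or ""):
        # Added hardening check (not from the page): one exact host only.
        problems.append("callback URL must not contain userinfo or wildcards")
    return problems


if __name__ == "__main__":
    # Constructed sample plans, not real applications.
    plans = [{"type": "web", "callback_url": "https://example.com/authcallback"},
             {"type": "native", "access_token_seconds": 600,
              "callback_url": "http://example.com/cb#frag"}]
    for plan in plans:
        print(plan["type"], check_app_settings(plan))
```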