Skip to content
Last updated

Manage OAuth Clients

LawVu allows you to create and manage custom OAuth clients for securely integrating external applications with the platform. This guide walks through each step of creating a new OAuth client, assigning the required permissions, and managing its configuration.


Prerequisites

Creating and managing OAuth clients requires the Manage Integrations permission. Without this permission, the Custom Integrations option will not appear.

Don't have access?

Contact your LawVu organization administrator to enable the Manage Integrations permission for your account. See the Managing roles and permissions help article for instructions.

After the permission has been granted, you may need to refresh the page for the change to take effect.


Creating a New OAuth Client

Step 1 - Open Custom Integrations

  1. Select Integrations from the side panel.
  2. Select Custom Integrations.

Step 2 - Create a new integration

Select Create Integration to open the setup form. You will be prompted to provide the following details:

Field Description
Integration nameA descriptive, friendly name for your integration. This name is displayed on the OAuth consent screen when users authorize access.
Redirect URLThe HTTPS URL in your application that will receive OAuth callback responses. See Redirect URIs for requirements.
Contact detailsContact information for the individual or team responsible for the integration. LawVu uses these details to communicate planned outages or breaking changes for the API.
Terms acceptanceYou must agree to the LawVu Developer Platform terms to create an integration.

Step 3 - Save your client credentials

After the integration is created, LawVu displays key identifiers and URLs. You should record these immediately.

Store your Client Secret now

The Client Secret is shown only once at creation time. Copy and store it in a secure location (such as a secrets manager or vault) before leaving this page. If lost, you will need to generate a new secret.

Value Description
Client IDThe unique identifier assigned to your integration. You will use this in all OAuth requests.
Client SecretA secret string used during authentication. Store this securely - it cannot be retrieved after you leave the page.
Client Secret ExpiryThe validity period for the displayed secret. Expired secrets will be rejected during authentication. You can generate a new secret before expiry from the integration management page.
Authorize URLThe frontend web URL used to initiate the OAuth authorization flow and obtain an authorization code.
Token URLThe endpoint used by your application to exchange authorization codes or refresh tokens for access tokens.
Next step

With your Client ID and Secret in hand, follow the Authentication guide to complete the OAuth authorization code flow and start making API calls.


Managing Existing OAuth Clients

After creation, integrations can be updated from the Integrations page. Available actions include:

  • Editing the integration name and contact details
  • Adding or removing redirect URLs
  • Creating new client secrets or revoking existing ones

Sandbox vs. Production Environments

Sandbox clients cannot be migrated

OAuth clients created in a sandbox environment cannot be migrated to production. Sandbox integrations - including client IDs, client secrets, redirect URLs, and configuration - will not transfer automatically. Because these environments operate independently, all OAuth clients must be recreated manually in production.

When you are ready to move to production, plan to:

  1. Recreate the OAuth client in the production Integrations area.
  2. Generate and securely store a new client secret.
  3. Update your application configuration with the new Client ID, Client Secret, Authorize URL, and Token URL.