# Manage OAuth Clients LawVu allows you to create and manage [custom OAuth clients](/docs/guides/authentication#overview) for securely integrating external applications with the platform. This guide walks through each step of creating a new OAuth client, assigning the required permissions, and managing its configuration. ## Prerequisites Creating and managing OAuth clients requires the **Manage Integrations** permission. Without this permission, the Custom Integrations option will not appear. Don't have access? Contact your LawVu organization administrator to enable the **Manage Integrations** permission for your account. See the [Managing roles and permissions](https://help.lawvu.com/en/articles/3202052-managing-roles-and-permissions-for-your-team-members#h_7a234181b7) help article for instructions. After the permission has been granted, you may need to refresh the page for the change to take effect. ## Creating a New OAuth Client ### Step 1 - Open Custom Integrations 1. Select **Integrations** from the side panel. 2. Select **Custom Integrations**. ### Step 2 - Create a new integration Select **Create Integration** to open the setup form. You will be prompted to provide the following details: | Field | Description | | --- | --- | | **Integration name** | A descriptive, friendly name for your integration. This name is displayed on the OAuth consent screen when users authorize access. | | **Redirect URL** | The HTTPS URL in your application that will receive OAuth callback responses. See [Redirect URIs](/docs/guides/authentication#redirect-uris) for requirements. | | **Contact details** | Contact information for the individual or team responsible for the integration. LawVu uses these details to communicate planned outages or breaking changes for the API. | | **Terms acceptance** | You must agree to the [LawVu Developer Platform terms](https://developer.lawvu.com/terms) to create an integration. | ### Step 3 - Save your client credentials After the integration is created, LawVu displays key identifiers and URLs. You should record these immediately. Store your Client Secret now The **Client Secret** is shown **only once** at creation time. Copy and store it in a secure location (such as a secrets manager or vault) before leaving this page. If lost, you will need to generate a new secret. | Value | Description | | --- | --- | | **Client ID** | The unique identifier assigned to your integration. You will use this in all OAuth requests. | | **Client Secret** | A secret string used during authentication. Store this securely - it cannot be retrieved after you leave the page. | | **Client Secret Expiry** | The validity period for the displayed secret. Expired secrets will be rejected during authentication. You can generate a new secret before expiry from the integration management page. | | **Authorize URL** | The frontend web URL used to initiate the OAuth authorization flow and obtain an authorization code. | | **Token URL** | The endpoint used by your application to exchange authorization codes or refresh tokens for access tokens. | Next step With your Client ID and Secret in hand, follow the [Authentication guide](/docs/guides/authentication) to complete the OAuth authorization code flow and start making API calls. ## Managing Existing OAuth Clients After creation, integrations can be updated from the **Integrations** page. Available actions include: - Editing the integration name and contact details - Adding or removing redirect URLs - Creating new client secrets or revoking existing ones ## Sandbox vs. Production Environments Sandbox clients cannot be migrated OAuth clients created in a sandbox environment **cannot** be migrated to production. Sandbox integrations - including client IDs, client secrets, redirect URLs, and configuration - will **not** transfer automatically. Because these environments operate independently, **all OAuth clients must be recreated manually in production**. When you are ready to move to production, plan to: 1. Recreate the OAuth client in the **production** Integrations area. 2. Generate and securely store a new client secret. 3. Update your application configuration with the new Client ID, Client Secret, Authorize URL, and Token URL.