<%# Admin OAuth2 client detail body (todo §6), captured into the shell content slot. Config: client { firstParty, id, name, public, redirectUris[], scopes[] } created bool just registered → success banner secret? string one-time client secret (confidential clients), shown once right after create del { action } delete the client csrfToken %><% const c = locals.client; const del = locals.del; -%>
<% if (locals.created) { -%> <%- include("alert", { text: "Client registered.", tone: "pos" }) %> <% } -%> <% if (locals.secret) { -%>

Client secret

Copy these now — the secret can't be shown again. Store them where the app reads its credentials.

<% } -%>

<%= c.name %>

Client ID
<%= c.id %>
Type
<%= c.public ? "Public (PKCE)" : "Confidential" %>
Consent
<%= c.firstParty ? "First-party (auto-granted)" : "Shows the consent screen" %>
Scopes
<%= c.scopes.length ? c.scopes.join(" ") : "—" %>
Redirect URIs
<% if (c.redirectUris.length) { %>
    <% c.redirectUris.forEach((u) => { %>
  • <%= u %>
    • <% }) %>
<% } else { %>—<% } %>

To change a client, delete and re-register — this issues a new client ID and secret. The secret is shown only once, at registration.

Delete client