Register Your App
Get your client ID from the Flowsta Developer Dashboard.
Whether you're building a web app with OAuth or a desktop Holochain app with identity linking, you need a registered app and a client ID.
Step 1: Create a Developer Account
- Go to dev.flowsta.com
- Sign up or log in with your Flowsta account
Step 2: Create an Application
- Click Create New App
- Enter your app's details:
- App Name — Shown to users during OAuth consent or Vault approval
- App Description — Brief description of your app
- Application Type — Web App, Desktop App, or Holochain App
Step 3: Configure Your App
Configuration differs based on your integration path.
For Web Apps (OAuth)
Redirect URIs
Add the URLs where users are redirected after authentication:
http://localhost:3000/auth/callback (development)
https://yourapp.com/auth/callback (production)TIP
Add both development and production URIs. You can add multiple redirect URIs.
Select Scopes
Choose which user data your app needs:
| Scope | Data | Notes |
|---|---|---|
openid | User ID (sub) | Auto-included |
display_name | Display name | |
username | Username | |
email | Email address | Requires explicit user permission |
profile_picture | Profile picture URL | |
did | W3C Decentralized Identifier | |
public_key | Holochain agent public key |
For Holochain Apps (Identity Linking)
Holochain apps don't need redirect URIs, but they do select scopes. Scopes control which profile fields Flowsta Vault exposes to your app via its local IPC server (GET /status on port 27777). The user sees the selected scopes listed in the Vault approval dialog before they approve.
Select Scopes
| Scope | What your app receives via /status |
|---|---|
openid | Basic identity — auto-included, not shown to the user |
did | did — the user's decentralized identifier |
public_key | agent_pub_key — the Vault's Holochain agent key |
holochain | Required for the agent-linking ceremony |
display_name | display_name — the user's display name |
username | username — the user's @username |
profile_picture | profile_picture — avatar URL |
Select only the scopes your app actually uses. Fields for unselected scopes are returned as null from /status, even if the user has that data in their Vault.
The app name and selected scopes are what users see in the Vault approval dialog:
"Your App Name" wants to link your Flowsta identity
This app will be able to access:
✓ Decentralized ID (DID)
✓ Public key
✓ Holochain identity
✓ Display name
[Deny] [Allow]Branding (Optional)
- Logo URL — Shown on the OAuth consent screen or Vault approval dialog
- Privacy Policy URL — Link to your privacy policy
- Terms of Service URL — Link to your terms
Step 4: Copy Your Client ID
Your client ID looks like: flowsta_app_abc123def456...
Use this in your SDK configuration:
Web App:
const auth = new FlowstaAuth({
clientId: 'flowsta_app_abc123def456',
redirectUri: 'https://yourapp.com/auth/callback'
});Holochain App:
const result = await linkFlowstaIdentity({
appName: 'YourApp',
clientId: 'flowsta_app_abc123def456',
localAgentPubKey: myAgentKey,
});No Client Secret
Flowsta uses PKCE for web apps and IPC for desktop apps — no client secret needed for either path.
Next Steps
- Quick Start — Implement authentication (Web or Holochain)
- Web Auth Guide — OAuth flow documentation
- Vault Guide — Holochain identity linking
- Login Button — Pre-built button components for web