Core concepts Clients

A client is one of the core concepts in Domec API, which is why it’s important to know how this relates to your applications and the impact this will have on auditing, authorization, billing, etc.

Depending on the concepts or technologies you're working with, a client might also be referred to as an application or a relying party.

Let’s start by looking at how clients are represented in Domec Tools and how this relates to other core concepts.


To setup a new Client you will need the following information:

  • Name: Canonical name of your client which you’ll see in the portal, emails, logs, …
  • Domain: This is the domain name of where your client lives.
  • Client ID (read-only): This is the unique identifier for your client application. This is the ID you’ll use with your client when setting up authentication with Domec Tools Platform.
  • Client Secret: This secret will be used to sign and validate tokens which will be used in the different authentication flows. With this key your client will also be able to authenticate to some of the API endpoints (eg: to get an access token from an authorization code).
  • Allowed Callback Urls: One or more urls of your client to which Domec Tools Platform can redirect after the user has authenticated.
  • Allowed Origins (CORS): If you want to use the Domec Tools API from within the browser you’ll need to add the urls of the applications running your javascript code to prevent Same-origin policy errors.
  • JWT Expiration: The expiration in seconds of the access tokens that will be handed out by Domec Tools.
  • Use Domec Tools instead of the IdP to do Single Sign On: If this option is enabled Domec Tools won’t need to redirect users to the identity provider (Facebook, ADFS, …) if the user has authenticated before and hasn’t logged out or his session hasn’t expired.