Auth Client screen is missing "Secret" field

It looks like my Auth Client screen is different than what is in the docs.

I do not have the ‘Secret’ field included on my screen and because of that I am unable to utilize the rest endpoints for corteza.

Has anyone else experienced this? How did you get the Secret for your auth client if it’s not on the screen?

Admin Area → Auth Clients
Corteza version: 2023.3.0
I created the new Auth Client and am logged in as a user with the Super administrator, administrator etc. roles.

Thank you.


I see the older documentation here that shows me how to generate the auth token for a user, command below, but I’m hoping to figure out why the “Secret” field isn’t showing up on the Auth Client screen

./corteza-server auth jwt --auth-client 338547059328414211


Steps I used to generate valid JWT

  1. Create user with required permissions for whatever actions you want to perform
  2. Create auth client - select - Will be used to authenticate users (grant type = authorization_code)
  3. Selected all options when creating auth client
  • Allow client access to user’s profile
  • Allow client access to Corteza API on behalf of user
  • Allow client to use OIDC and verify the user’s identity
  • Allow client access to Corteza Discovery API on behalf of user
  • Trusted
  • Enabled
  1. ssh into server hosting Corteza
  2. Login to docker container running Corteza server - sudo docker exec -it 123456789a1b /bin/bash
  3. cd /corteza/bin
  4. ./corteza-server auth jwt 338546712354013955 --auth-client 338544564328414211 --duration 999999h0m0s
  5. Grab the generated jwt to use as the auth bearer token in api calls

Being able to generate the secret from the auth client screen is still much preferable since we could use an endpoint to grab the jwt rather than logging into the server but at least there is a path forward.

Sharing all of this in case anyone else experiences this challenge.

1 Like

Thank you for sharing!

Thank you, very useful!