The baisc flow looks like this:
User enters your app.
The user encounters a place in your application where he want to use Xena API.
He will be forced to login into the Xena.
After successfull login he will be transfered back to your app with tokens.
Your app can communicate with the Xena Api by passing the users access_token.
Firstly your app needs to be registred in xena then in OAuth tab:
You won't be able to change the grant type later on
Enabled - you can enable/disable your connection with the app.
Browser access - allows obtaining the access_token through front channel communication.
Off-line access - Used in hybrid flow to obtain refresh_token that can be exchanged for access_token without user interaction.
Supported grant types:
Implicit - mainly for browser-based applications.
Hybrid - for applications with backend where the server will communicate with the xena api.
After the client creation you will be transfered to edit window with few new settings:
Scopes - Available scopes for your app. The testapi scope is required for Xena API communication.
RedirectUri - The uri of your oidc login endpoint. These must match in client and configuration. (For ASP default path is yourapp.com/signin-oidc)
Post Logout Redirect Uri - After the user logs out, he will be transfered back to your app. (For ASP default path is yourapp.com/signout-callback-oidc)
Secrets - auto-generated secret for your app (hybrid flow)