1. The Client ID serves as a unique identifier assigned to each registered application. It helps identify and distinguish the specific application making requests to the API. This identification ensures that the API recognises and verifies the source of the incoming requests.
   
2. The Client Secret, on the other hand, is a confidential and shared secret known only to the application and the ApprovalMax API. It acts as a secure key to authenticate the application and establish trust during the API communication. The Client Secret serves as a means of authenticating the application's identity and verifying its authorisation to access the ApprovalMax system.
   

1. Authorise and open the Developer Portal
   The ApprovalMax Developer Portal is specifically designed for individuals responsible for managing the application, whether they are developers or users. 
   To access the Developer Portal, it's crucial that you have a registered user account in the ApprovalMax system.
   
   To access the ApprovalMax Developer Portal, log into ApprovalMax, click on your Avatar first and then on Developer Portal(*):
   
   
   Please note: to access the Developer Portal, you must have beta access granted at user-level. This will enable you to create and manage your application, generate Client ID and Client Secrets that are used to authorise the Public API. Please request a beta via our support.
   
   Or, follow this link and sign in to the system using your login and password (these credentials are the same ones you use when logging into ApprovalMax), or via other services like Google, Xero, Intuit or Microsoft.
   
   
   
2. Create a new application and save the generated Client ID and Client Secret
   
   
1. On the opened web page, click on ADD NEW APPLICATION to open the registration form for new applications:
   
   
   
   If you are trying to create an application for the first time and no applications have been created previously, click on CREATE NEW APPLICATION:
   
   
   
   
2. Fill in the fields Application Name and Application URL, then click on CREATE:
   
   A callback URL, also known as a redirect URL, is a web address that an authorisation server redirects the user to after it has granted access to your application. 
   When registering your application, you provide the callback URL to the authorisation server. This URL serves as a destination where the server redirects the user's browser to upon successful authorisation.
   The callback URL is designed to capture the authorisation code or access token, allowing your application to proceed with the authentication and authorisation process.
   
   By specifying the callback URL during the registration process, you inform the authorisation server about the appropriate endpoint to which the user is to be sent after granting access.
   
   Please note: if you are using Postman, the redirect URL must be set to "https://oauth.pstmn.io/v1/callback". If you are using your own service, then provide its redirect URL.
   
   
3. Upon creation of your application, the system will generate a unique Client ID and Client Secret for you. These credentials are essential for integrating your application with the relevant services.
   
1. Click on the COPY buttons to copy the credentials to your clipboard. 
   
2. Paste the copied credentials to a safe place, such as a password manager or a secure document. Avoid saving them in easily accessible or unencrypted locations to prevent unauthorised access.
   
3. To close the form, click on the "X" button.
   
   
   

Important note: the Client Secret is a crucial piece of information; once you close the form, it will be hidden and cannot be regenerated or copied again. Therefore, ensure to copy the Client Secret before closing the form to prevent any loss of this sensitive information.