Documentation Index
Fetch the complete documentation index at: https://preflight-ee1e633f.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
OAuth connects user-authorized clients to your APIs without sharing primary passwords. Treat client secrets like production credentials—rotate them and restrict who can create apps.
Register an app
Create an application in Developer settings and note the client ID and secret.
Environments
Maintain separate apps for staging and production so tokens never cross environments accidentally.
Scopes
Request the smallest scope set that satisfies your feature. Review quarterly as APIs expand.
User consent
Write user-facing copy that explains why each scope is needed—reviewers and security questionnaires ask.
Redirect URLs
Use HTTPS endpoints and avoid wildcards in production. Register separate entries for staging and production.
PKCE
Prefer PKCE for public clients to reduce interception risk on mobile and SPA flows.
