Using OAuth2 Clients for secure API access to your tenant
Written by Cole Docherty
Updated at December 2nd, 2025
- Release Notes
- Newly Released Features
- Getting Started
- Roles & Permissions
- Manifests
- Order Management
- Automations
- Employee Management
- Customer Management
- Customer Portal
- Stock Management
- Part Requests
- Price Lists
- Invoicing
- Reporting
- Custom Fields
- Integrations
- GSX
- Shipments
- Service Contracts
- Configuring Your Environment
- Incoming Part Allocation
- Appointment Booking
Table of Contents
Setting up OAuth2 Clients
- Navigate to System Settings > API > OAth2 Clients
- Click the Create New Client button.
- Enter the Client name.
- Choose the appropriate Access Level for your use case.
- Select the Admin access level for internal API projects that require full access to all resources.
- Choose Customer when a customer or partner is building an API integration and should only have access to the resources they own.
- Select the Owner. For Customer access, this should be the customer profile in your Fixably tenant you expect repairs to be attached to.
- Set the Token expiration time.
- Scopes are used to determine which endpoints can be used and accessed. Select the appropriate options based on your use case.
- If required, you can also use Excluded fields to further refine what data is accessible. For example, a customer could have access to GET order lines, but you can restrict access to your Purchase Price for the part.
- When complete, you'll see a confirmation message.
Managing OAuth2 Clients
- Navigate to System Settings > API > OAth2 Clients
- You will see a list of any OAuth2 Clients that are setup in your tenant.
- Under the gear menu, you have additional management options.
- Edit allows you to modify the scope and excluded fields, as well as modify the expiry date.
- View Sessions will show any active sessions using this OAuth2 client.
- Logs will show any API logs to assist with validation and troubleshooting.
