Login with client credentials flow

The client credentials with user delegation flow may be used by highly-trusted server-to-server applications to provide active authentication.

In this authorization flow, the app installer within a particular Seismic tenant consents a particular user to be the sole delegated user. The delegated user is the user that will be used to retrieve access tokens, and is the user that should be considered as the actor for any actions taken by the app.

Unlike the authorization_code and implicit flows, this authentication flow does not redirect users to a login page. It authenticates a user, predetermined by the tenant admin, with a single request. This flow should only be used by trusted server-to-server applications.

You should use this flow only if using a redirect-based flow is not possible. If this is not the case and redirects are possible in your application, you should use the authorization_code or implicit flow instead.

Storing delegated user credentials for the client credentials flow

When you register an app to use the client credentials flow, you will also need to specify a callback URL (field name is Delegation user selected callback).

Each time the delegated user for an app is added/changed by a tenant admin, Seismic will post to the endpoint you’ve defined in this callback field. The payload will be formatted as:

POST /api/v1/applications/zenDesk/config HTTP/1.1
x-seismic-signature: 3548541BF3C6431018DABB6BEAE815158A565843C60F38CFE6894514F3B49A2B
Content-Type: application/json
Accept: */*
Cache-Control: no-cache
Host: localhost:5580
Connection: keep-alive
Content-Length: 296
    "userId": "1", // this is the admin user who set the delegation user
    "userEmail": "[email protected]", // this is the admin user who set the delegation user
    "delegationUserId": "b48d244c-1cce-4e6b-aad9-7e6820a99hh7",  //the ID of the selected delegation user
    "appId": "fcdd244c-1cce-4e6b-aad9-7e6820a99a20",
    "appName": "ZendeskTest",
    "tenant": "intdev2",
    "tenantId": "b061ad37-1f5a-4531-b7d3-89807dccca68",
    "requestId": "8709b156-b0d2-45fe-a43c-8aff052af56f",
    "version": "0.1.1",
    "timestamp": "2020-09-08T14:55:06Z"

Your system must remember the delegationUserId returned in this callback, as it will be needed to retrieve access tokens for this particular client.