Skip to main content

Transform Help Center

How are authentication credentials of apps managed in billwerk?


  • Add clients

  • Permissions for confidential clients

  • Delete clients

Add clients

In order to manage authentication credentials that enable third party applications to access billwerk please follow these steps:

  1. Settings > billwerk Apps > My Apps.

  2. On the My Billwerk Apps page, choose a Name and a Client Type to register a new app in billwerk.

  3. Then generate the credentials for the app by clicking on Add.

My billwerk Apps

The selection of the correct client type for the an app is essential.

Public clients do not use secret key. This client type can be used i.e. for JavaScript applications, desktop applications or mobile apps. Such clients are typically used with the "resource owner password flow", i.e. the end users must disclose their individual user name and password in addition to the public client ID.


OpenID Connect Client: used to establish a communication to a client that needs an OpenID connection . OpenID Connect is an interoperable authentication protocol that simplifies the way to verify the identity of users based on the authentication performed by an Authorization Server and to obtain user profile information in an interoperable and REST-like manner.



Note: Once you chose one of these two Client Types, they will just be added to the list immediately, without further options.

Confidential clients are those that can store a secret. Typically this is only relevant for web apps. Confidential clients receive a secret that they have to protect. They can fully authenticate themselves with the credentials. For example, this is required for API integration when using signup pages.

For Confidential Clients, another screen opens right upon creation, where additional information can be added:

Choosing this Client Type you can create a secret.

Enter a name for this key and click on the + button.


Important: Copy and securely store the secret in your system — you will not be able to view it later.


As you can see there are more options that we will discover now.

Permissions for confidential clients

You have two possible options:

  1. Set the client to be able to access all routes or

  2. Set the client to be able to access only specific routes.

If you deactivate the checkbox All Routes, you have to enter at least one route for the client. 9905386959644-mceclip3.png In order to do so, please:

  1. Select a method.

    • Get

    • Post

    • Put

    • Delete

  2. Enter the exact route, i.e. api/v1/account.

  3. Click on + if you would like to add more routes.

  4. Then click on Save.

Delete clients

Existing authentication credentials can be removed from billwerk by clicking the Delete button:

My billwerk Apps