Skip to content
CMMS
Platform
OverviewRisk EngineReporting & DashboardsCapital PlanningDigital Twin Viewer
Solutions
Hospitals & Health SystemsUniversities & CampusesK–12 School DistrictsData CentersIndustrial & ManufacturingSenior Living & Long-Term CareView all 24 industries →
Pricing
Pricing OverviewPilot Program
Resources
BlogCase StudiesROI & Cost-BenefitSample Report
Company
AboutCareersImpactContact
Sign upSign inBook a demo

Administration

OAuth Apps and Connected App Access

Admins register OAuth 2.0 apps with scopes and redirect URIs, while users review and revoke connected apps from their account.

Updated June 5, 2026

Registering an OAuth app

Open OAuth apps from the workspace. Admins with API access provide an app name, optional description, optional homepage URL, one or more redirect URIs (one per line, HTTPS for production), requested scopes, and a confidential-client setting. The redirect URI must match your callback endpoint exactly.

Available scopes

The form includes read:profile, read:work_orders, write:work_orders, read:assets, write:assets, and read:reports. Request the smallest scope set the integration needs.

Client secret and clients

Rivolq shows the client ID and client secret once at creation. Copy the secret immediately and store it in your secrets manager, not in source code or chat. Use a confidential client for server-side apps; public apps should use PKCE.

Connected apps for users

Each user can open Connected apps to see apps with access, their granted scopes, when access was granted, and last used time. Removing access revokes that app for that user; they can reconnect later. Deleting an OAuth app breaks integrations using that client.

← PreviousScheduled ExportsNext →AI Provider BYOK

Still need help?

Reach out for broken behavior, account-specific help, or billing questions.

Contact support
Book a demo