New OIDC client
Name (display)
The slug below auto-syncs from the name. You can override it manually.
App slug
Active org didn't load — using the raw slug without a prefix.
Advanced mode — type the Client ID manually
Description (optional)
Application type (optional)
Custom (default)
WordPress
Perfex CRM
Laravel
Next.js
SvelteKit
Django
Ruby on Rails
Node.js (Express / Fastify)
SPA (React / Vue / Vanilla JS)
Other
Optional — defaults to custom. Drives the right provisioning form (WordPress / Perfex use the source-app REST API; everything else creates the user directly in WolfieAuth) and the right integration snippets. Can be changed later.
Environment / Env
Production (default)
Staging
Development
Preview
Deployment label — distinguishes a staging copy from production on the apps list. You can stand up a separate client for staging (with its own redirect URIs) next to a production version. Defaults to production. Non-prod envs append a suffix to the clientId: -staging, -dev, -preview — so copies of the same app don't collide. Production leaves the clientId unsuffixed.
Application domain (optional)
Type the bare hostname (e.g. crm.wolfiecloud.com) — no protocol needed; the form forces https:// automatically (except for localhost / .local / .test hosts, which use http://). The Redirect URIs field below fills itself from the domain + app type combo. Changing the app type re-derives them; once you edit the textarea manually, auto-sync stops.
Redirect URIs (one per line)
URLs WolfieAuth is allowed to redirect to with the auth code after a successful login. Your app must pass exactly one of these as redirect_uri on the /authorize request — otherwise OIDC refuses (open-redirect protection). One callback per line. Convention: WordPress uses /wp-admin/admin-ajax.php?action=wolfieauth_callback, Perfex uses /wolfieauth_client/callback, SPAs use /callback, everything else uses /auth/callback.
Trusted (skip the consent screen)
Create client
Cancel