Skip to main content
Planview Customer Success Center

OAuth2 Client Credentials

The OAuth2 credentials tab allows users to create credentials that can be used to connect Planview products with other external tools such as Power BI.

The Planview Products and Shared Services that currently support OAuth2 credentials are:

  • Planview OKRs
  • ProjectPlace
  • Logbook (currently in Planview Labs)

This article will show you how to manage and generate OAuth2 credentials in Planview Admin. To learn how to use your credentials please refer to the specific product documentation.

OAuth2 credentials table

OAuth2 client credentials are displayed in a table in the OAuth2 credentials tab. The table displays the following information.

Header Description
Name The name of the credentials.
Application The application the credentials are used to access.
Created on The date the credentials were created.
Created by The user that created the credentials.
Last used on The latest date the credentials were used.
Revoked on The date the credentials were revoked. This field will be blank if the credentials are still active.
Revoked by The user that revoked the credentials. This field will be blank if the credentials are still active.
ID The client ID generated when the credentials were created.

Managing OAuth2 credentials

To add new OAuth2 client credentials:
  1. In the OAuth2 credentials tab, click Create OAuth2 credentials.
  2. Name your credentials and select an application form the dropdown.
  3. Click the Create OAuth2 credentials button. A new modal will appear with a client ID and Secret.
  4. Copy the ID and Secret and store them in a secure location. You can click the icons to the right of each field to copy them to your clipboard.
  5. Click Close.

               

    WARNING

    For security reasons, you cannot view the client Secret once you click Close. Please make sure that you completed Step 4. Publicly exposing your credentials can leave your account vulnerable to unexpected or malacious actors.

               

The new credentials are added to the credentials table. 

To revoke existing credentials:
  1. In the credentials table, click on the three dots at the end of the row that belongs to the credentials you want to revoke.

               

    TIP

    To revoke multiple credentials at once, check the boxes next to the credentials you want to revoke, open the Actions menu in the upper right corner of the page, and click Revoke credentials.

               

  2. Click Revoke credentials.
  3. In confirmation modal that appears, click the Revoke credentials button.

               

    WARNING

    Proceeding with this action will immediately invalidate the authentication for any selected credentials. This action cannot be undone. Any integration using the selected credentials for authentication will immediately lose access to its associated products. You will need to reconfigure the authentication to continue accessing any product connected to the selected credentials.

               

The selected credentials will be revoked.

Using OAuth2 credentials

The OAuth2 credentials can be used with the OAuth2 Client Credentials flow to obtain an access token. This access token can then be used to access APIs such as for OKRs reporting.  

Make a POST request to https://<region>.id.planview.com/io/v1/oauth2/token where <region> is one of "us", "eu" or "ap". For example: 

curl -X POST https://<region>.id.planview.com/io/v1/oauth2/token \
 -H 'Content-Type: application/x-www-form-urlencoded' \
 -d 'grant_type=client_credentials' \
 -d 'client_id=<Client ID>' \
 -d 'client_secret=<Client Secret>'

The response of the above command will be:

{
   "access_token": <bearer token>,
   "id_token": <idToken>,
   "expires_in": <expiresIn>,
   "token_type": <tokenType>
}

The the access token can then be used as a bearer token header on API requests:

Authorization: Bearer <bearer token>