# How to create an OAuth app in Digits Before you get started, make sure you have a [Digits developer account](https://my.digits.com/join/developer). ## 1. Create your OAuth app Log in to your Digits account and navigate to the **Developer** section in the left sidebar. Click **Create App** to start the app creation process. ## 2. Identity settings Configure your app's identity information: - **App Name**: Enter a meaningful name that your users will see during authorization (e.g., "Your Company - Accounting Integration") - **Tagline**: A brief description of your app's purpose - **Icon**: Upload an app icon - this appears on the Developer Dashboard and the install/auth screen Your icon is the first thing users see, so choose something that builds trust and represents your brand. ## 3. Summary details Fill in your app's summary information: - **Description**: Explain what your app does and how it integrates with Digits - **Homepage URL**: Your company website or SaaS product URL (must begin with `https://`) - **Support Email**: Where users can reach you for help - **Developer Contact Email**: For Digits to contact you about your app ## 4. Redirect URL configuration In the Configuration section, set up your redirect URLs. Add the following redirect URL: ``` https://unify.apideck.com/vault/callback ``` **Important notes:** - Redirect URLs must be complete URLs - No wildcards or fragments are allowed - IP addresses are not permitted (except `localhost` for local development) - The redirect URI must **exactly match** your registered URI for OAuth to work ## 5. Get your credentials Navigate to the **Keys** tab to find your client credentials. At the top of the page, you can toggle between **Development** and **Production** environments: - **Development credentials**: Work immediately without approval, ideal for testing - **Production credentials**: Require additional metadata and approval before public distribution Copy your **Client ID** and **Client Secret** - you'll need these in the next step. ## 6. Configure scopes Digits offers three permission scopes: | Scope | Description | |-------|-------------| | `source:sync` | Write ledger data to Digits | | `ledger:read` | Read ledger data from Digits | | `documents:write` | Upload and manage documents | **Best practice**: Apply the principle of least privilege - request only the scopes your app actually needs. For read-only accounting integrations, `ledger:read` is typically sufficient. ## 7. Vault Connection Setup Now that you have your Digits app credentials, configure them in Apideck: 1. Go to [Apideck Configuration > Accounting > Digits](https://platform.apideck.com/configuration/accounting/digits) 2. Under **Use your Digits client credentials**, enter: - **Client ID**: Your Digits Client ID from the Keys tab - **Client Secret**: Your Digits Client Secret 3. Review that the requested scopes match what you've configured 4. Click **Save settings** You can test the connection by clicking **Test Vault**, which will verify the credentials are working. Your users can now securely authorize connections to their Digits accounts. ## Publishing for production Development credentials work immediately for testing. To distribute your app publicly, you'll need production approval: 1. Switch to the **Production** environment in the Keys tab 2. Provide additional required metadata: - Install URL - Privacy Policy URL - Terms of Service URL 3. Submit your app for production approval via the **Publishing Apps** section ## FAQ and troubleshooting ### Invalid redirect URI error **Symptom**: OAuth flow fails with redirect URI mismatch error **Fix**: Ensure the redirect URI in your Digits app configuration exactly matches `https://unify.apideck.com/vault/callback` (no trailing slash, correct protocol). ### Token exchange fails **Symptom**: Authorization succeeds but token exchange returns an error **Fix**: - Verify your Client Secret is correct (regenerate if needed) - Ensure you're using credentials from the correct environment (Development vs Production) ### Scopes not granted **Symptom**: API calls return permission errors after successful authorization **Fix**: Check that the scopes requested in Apideck match the scopes configured in your Digits app. Update the Apideck connector settings if needed. ## Resources - [Digits Developer Documentation](https://developer.digits.com/docs) - [Digits Authentication Guide](https://developer.digits.com/docs/authentication) - [Digits App Creation Guide](https://developer.digits.com/docs/app-creation)