Custom applications

Custom applications can be used to automate business workflows, such as onboarding new Kiteworks users to access relevant folders automatically. Kiteworks APIs are used to develop custom applications. On the Custom Application page a list with all the custom applications that already exist on the system is displayed.

To create a custom application:

  1. In the new Kiteworks Admin console, go to Security Policies > Clients and Plugins > API tab, and then click Add Custom Application.

  2. Enter the following information:

    • Name: Enter a name for your custom application.
    • Description: Enter a description for your application.

    • Flows: Select the authorization flow that your application will use to obtain an access token.

      • Authorization Code: Standard OAuth 2.0 authorization-code grant type consists of authorization, consent, and code redemption process.
      • Signature Authorization: Use this flow when the registered client can verify the identity of the user. This flow should only be used for trusted applications. You can choose to either generate a random signature key or manually enter the key.
      • User Credentials: Use this flow to allow the registered client to obtain the access token by providing the user's username and password. This flow should only be used for trusted applications that cannot use a web form-based login, but need the user to authenticate with their username/password, e.g., any command line based utilities. This flow follows the Resource Owner Password Credentials Grant specified in RFC 6749.
    • Enable Refresh Token: If enabled, when an access token expires, a new access token can be obtained using a refresh token without re-initiating the authorization process.
    • Redirect URI: Specify a redirect URI for securely passing authorization requests. The Redirect URI can contain custom schemes like a server URL (e.g. https://) or an app URL (e.g. myapp://). For example, myapp://127.0.0.1/path. Or it could contain %%HOST%% which will resolve the hostname of the current Kiteworks instance. For example, https://%%HOST%%/oauth_callback.php.
    • Access Token Lifetime: Set the duration of a token lifetime.
    • Refresh Token Lifetime: If “Enable Refresh Token” is enabled, set the duration that an access token can be refreshed.

  3. Click Add Application.

    The Add Client Application dialog box will show the Client Application ID, Client Secret Key, and the Signature Secret. Record the information in a secure location.

    Caution: The Client Application ID and Client Secret Key cannot be changed and should be protected since these credentials could be used to access Kiteworks systems -- potentially exposing these systems to loss or theft of critical information. You are responsible for keeping these credentials safe and sharing them with only trusted individuals.

  4. Click the custom application you just created and customize the Settings, Scopes, Security and Distribution tabs.

    • Settings: You can make changes to the settings, if desired.

    • Scopes: Select the APIs you plan to use for your custom application. Scopes are defined limits to client applications for accessing data. By selecting the appropriate scopes for the application, clients can enable or restrict certain tasks to be performed by a user or on behalf of a Kiteworks user. Every custom application that is created can have server-side authorization scopes. You can define on the server what endpoints the custom application is allowed to use and how it can use those endpoints.

    • Security:

    • Remote Wipe Enabled: Enable Remote Wipe for the application.

    • Pin Enabled: Specify whether a PIN should be enabled for this application. Recommended for mobile applications.

    • White Listed Apps: List third- party mobile applications that can be used to open files via the Open- In menu. Use comma- separated ID Search Strings, e. g. , com. domainname. appname, *.

  5. Click Save.

    • To test the custom application, go to https://<hostname of your Kiteworks deployment>/rest/index.html.

    • To prepare the application for distribution, click the Distribution tab. Export the application package and submit it for certification at developer.kiteworks.com.