Skip to content

feat(oauth): Add UI for creating and viewing public OAuth clients #106654

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
BYK merged 10 commits into from
Jan 21, 2026
Merged

feat(oauth): Add UI for creating and viewing public OAuth clients #106654

BYK merged 10 commits into from
Jan 21, 2026
+362 −35

Conversation

@BYK
Copy link
Member

@BYK BYK commented Jan 21, 2026
edited
Loading

Summary

Adds frontend UI support for creating and viewing public OAuth clients, building on the backend support added in #106451.

image

Changes

Backend (api_applications.py):

  • Accept isPublic parameter when creating new applications
  • When isPublic=True, create application with client_secret=None

Serializer:

  • Add is_public field to ApiApplicationSerializer output

Frontend UI:

  • Add client type selection modal when creating new applications (Public vs Confidential)
  • Show "Public Client" or "Confidential Client" tag on application details page
  • Hide client secret section for public clients (they don't have one)
  • Add info alert explaining public client behavior and security considerations

Screenshots

Client type selection when creating new application

Public client details page showing no client secret

Test Plan

  • Added frontend tests for new UI components
  • Added backend tests for isPublic parameter handling
  • Existing OAuth token tests cover the backend functionality

Depends on #106451 (merged)
Closes #99002

@BYK
feat(oauth): Add UI for creating and viewing public OAuth clients
16f66e1 
- Add isPublic field to API application serializer
- Update API endpoint to accept isPublic parameter when creating applications
- Add client type selection modal when creating new applications
- Show 'Public Client' or 'Confidential Client' tag on application details
- Hide client secret section for public clients
- Add info alert explaining public client behavior
- Update frontend and backend tests
@BYK BYK requested a review from a team as a code owner January 21, 2026 10:12
@github-actions github-actions bot added Scope: Frontend Automatically applied to PRs that change frontend components Scope: Backend Automatically applied to PRs that change backend components labels Jan 21, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 21, 2026

🚨 Warning: This pull request contains Frontend and Backend changes!

It's discouraged to make changes to Sentry's Frontend and Backend in a single pull request. The Frontend and Backend are not atomically deployed. If the changes are interdependent of each other, they must be separated into two pull requests and be made forward or backwards compatible, such that the Backend or Frontend can be safely deployed independently.

Have questions? Please ask in the #discuss-dev-infra channel.

sentry[bot]
sentry bot reviewed Jan 21, 2026
View reviewed changes
cursor[bot]

This comment was marked as outdated.

Sign in to view

@BYK
fix: Update Tag and Alert props to use variant instead of type
ff5eb29 
- Change Tag prop from 'type' to 'variant' (and 'default' to 'muted')
- Change Alert prop from 'type' to 'variant'
- Fix CreateApplicationModalProps to not extend full ModalRenderProps
BYK and others added 2 commits January 21, 2026 13:56
@BYK
fix: Address PR review - use ButtonBar component and prevent rotate-s…
7943023 
…ecret on public clients

- Replace custom ButtonBar styled component with existing ButtonBar from sentry/components
- Add backend check to return 400 error when attempting to rotate secret for public clients
- Add test to verify public clients cannot rotate secrets
@getsantry
🛠️ apply pre-commit fixes
5b83b2e
@BYK
fix: Fix tests for public client UI changes
e5c3faf 
- Move client type tag to subtitle in SettingsPageHeader for proper heading accessibility
- Update acceptance test to handle new client type selection modal
cursor[bot]
cursor bot reviewed Jan 21, 2026
View reviewed changes
Copy link
Contributor

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

@BYK
fix: Add missing isPublic field to test mocks for consistency
eff0b66 
Address PR review comment - add isPublic: false to mock responses in
'renders basic details for confidential client' and 'handles client
secret rotation' tests to match the ApiApplication type definition.
@BYK BYK enabled auto-merge (squash) January 21, 2026 15:46
@BYK BYK merged commit 5447b01 into master Jan 21, 2026
68 checks passed
@BYK BYK deleted the feat/oauth-public-client-ui-v2 branch January 21, 2026 16:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sentry sentry[bot] sentry[bot] left review comments

@cursor cursor[bot] cursor[bot] left review comments

@betegon betegon betegon approved these changes

Assignees

No one assigned

Labels

Scope: Backend Automatically applied to PRs that change backend components Scope: Frontend Automatically applied to PRs that change frontend components

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

OAuth 2.1 — Plan and Tracking

3 participants

@BYK @betegon