Loopwise Docs
Guides

Managing OAuth Applications

How to create, configure, and manage OAuth applications in Loopwise.

OAuth applications can be managed through the school admin UI or via the Dynamic Client Registration endpoint.

Admin UI

School administrators can manage OAuth applications at Settings > OAuth Applications.

Creating an application

  1. Navigate to Settings > OAuth Applications
  2. Click New Application
  3. Fill in the application details:
    • Name — a descriptive name shown on the consent screen
    • Redirect URIs — one or more callback URLs (one per line)
    • Scopes — the permissions this application can request
    • Confidential — check this if your application can securely store a client secret
  4. Click Create

After creation, you'll see the client_id and client_secret (if confidential). Store the secret securely — it cannot be retrieved later.

Editing an application

From the application list, click the application name to view its details. You can update the name, redirect URIs, and scopes. The client_id cannot be changed.

Revoking an application

Deleting an application immediately revokes all access tokens and refresh tokens issued to it. Users who authorized the application will need to re-authorize if a new application is created.

Dynamic Client Registration

For automated integrations (such as MCP clients like Claude Code or Cursor), Loopwise supports RFC 7591 Dynamic Client Registration.

POST /api/oauth/register
Content-Type: application/json

{
  "client_name": "My Integration",
  "redirect_uris": ["https://myapp.com/callback"],
  "grant_types": ["authorization_code", "refresh_token"],
  "response_types": ["code"],
  "token_endpoint_auth_method": "none"
}

Known platforms

Loopwise recognizes the following client names and maps them to pre-registered platform applications:

Client name patternPlatform
ClaudeClaude Code
CursorCursor
WindsurfWindsurf
ReplitReplit
LovableLovable
BoltBolt

When a known platform registers, Loopwise returns the pre-registered application credentials for that platform. This ensures a consistent experience — users see the correct platform name on the consent screen.

For unrecognized client names, Loopwise falls back to a default platform application.

Discovery endpoint

Applications can discover OAuth configuration automatically via the well-known metadata endpoint:

GET /.well-known/oauth-authorization-server

This returns all endpoint URLs, supported scopes, and the default MCP client ID. See RFC 8414 for the full specification.

OAuth Quickstart

Get up and running with Loopwise OAuth 2.0 in minutes.

OAuth Overview

How OAuth 2.0 works in the Loopwise platform and why it matters for integrations.

On this page

Admin UICreating an applicationEditing an applicationRevoking an applicationDynamic Client RegistrationKnown platformsDiscovery endpoint