API ReferenceIntegrationsKnowledge Base

Applications and Clients

Applications are the external entities that are visible to the user. Internally however, Razorpay OAuth works with clients that are identified by their client_id.

When an application is created on Razorpay, automatically two clients that are linked to the application are created - a development and a production client. Each client gets it's own client_id and client_secret. The development client can be used in your sandbox environment, or in the integration phase. The production client can be used once you go live.

The differences in usage of these two clients are explained below:

Clients🔗

The attributes of a client are described below:

Client ID
Publicly exposed identifier of the client, generated uniquely. It helps identify your application on Razorpay.
Client Secret
Privately shared string between the application and Razorpay. The client secret should never be exposed publicly. It helps to authenticate the identity of the application on server-to-server API calls.
Redirect URIs
This is a whitelisted set of URIs, defined during creation. In order to prevent man-in-the-middle attacks, production clients can only use secure HTTPS URIs.

Development and Production Usage🔗

The usage restrictions on development and production clients are as follows:

  1. Redirect URI: Development clients can have any Redirect URI's whitelisted - including non-HTTP and localhost. Production clients cannot use non-HTTPS Redirect URIs.

  2. Mode Access: Razorpay provides two modes/environments where the merchant can operate - test and live. While development clients can access both modes, production clients may only access live mode data.

Create an Application🔗

The first step towards building an OAuth integration is creating an application.

Note:
Only an Admin user can create applications on Razorpay dashboard.

To create an application,

  1. On the left menu of the dashboard, go to Settings and click Applications.
  2. Click Create Application under the Created Applications section.
  3. Enter the Application Name. The name provided here is displayed on Razorpay's authorization interface.
  4. Enter the URL of the application's website under Website.
  5. Upload a Logo for the application. It should be a square image. If no logo is provided, a default logo will be used.
  6. Click Create to create the application on Razorpay. On success, the following fields are displayed:
    • Client ID and Secret (read only) for development and production clients.
    • Redirect URIs which are whitelisted URIs for development and production clients. You can define multiple redirect URIs.
  7. You can edit the Redirect URIs for your clients and click Save
×