Client Apps

Client Apps represent external applications that integrate with PredictaID.

Authorized operators create and manage Client Apps in the dashboard. The Client Secret is shown only when the app is created or rotated, so store it immediately in your backend secret manager.

Public Client Info

Endpoint: GET /client-apps/public/:clientId (No Authentication Required)

Use this endpoint to fetch branding and public metadata for hosted or embedded verification experiences. It does not return the Client Secret.

Response

{
  "name": "My E-commerce App",
  "publicName": "Shopify Integration",
  "branding": {
    "logoUrl": "https://...",
    "primaryColor": "#000000"
  },
  "clientId": "client_abc123"
}

Server-Side API Access

Use the same Client ID with its Client Secret for public server-to-server APIs:

x-client-id: client_abc123
x-client-secret: your_client_secret

Do not call authenticated APIs directly from browsers or mobile apps with the Client Secret.

Operational Notes

Disable unused Client Apps.
Rotate secrets when operators leave or a secret is exposed.
Keep separate apps for staging and production.
Confirm which scopes or tenant features are enabled before relying on an endpoint in production.

Public Client Info​

Response​

Server-Side API Access​

Operational Notes​

Public Client Info

Response

Server-Side API Access

Operational Notes