페이지 이동경로
  • Docs>
  • Business Authentication>
  • Prerequisites

Business Authentication

Prerequisites

This document explains what you have to do before integrating Business Authentication APIs.

Consent items

You can enable business consent items in [Business Authentication] > [Consent Items] on the app management page.

Business consent items set for the app are reflected on the Business Authentication consent screen. For details and a full list of business consent items, see Business consent items.

For detailed configuration, see the descriptions for each item below.

Request additional features

Business consent items can only be set if you have permission to use additional features. For how to request permission, see Request additional features.

The requirements for setting business consent items can be found in Request additional features.

Consent item setting

You can set business consent items required for retrieving service information or using features. The configured consent items are reflected on the Business consent screen.

See the step-by-step guide below.

1. Check consent items
Business consent item settings

Check what items require user consent in your service by referring to 🅐 Personal information consent items and 🅑 Access permission consent items.

Click [Set] for the desired consent item. Some consent items require Request additional features to be completed first before they can be configured.

2. Set consent items

🅐Select consent types and enter the usage purpose in 🅑 consent purpose, then select [Save].

Business consent item modal

Redirect URI

You can register a redirect URI for Business Authentication in [Business Authentication] > [Redirect URI] on the app management page. Business Authentication issues an authorization code to the redirect URI registered in the Business Authentication process.

If you request a business authorization code with an invalid or unregistered redirect URI, an error will occur.

Registering a Business redirect URI

Register the Business redirect URI according to the following rules.

  • Up to 10 redirect URIs can be registered.
  • Only HTTP and HTTPS protocols are supported.
  • Since HTTP and HTTPS protocols are distinguished, each must be registered separately.
Note: Guide to using the redirect URI
  • By registering multiple redirect URIs, you can redirect users to appropriate service pages (such as landing pages or additional information input pages) after Business Authentication.
  • Business redirect URIs cannot contain arbitrary parameters in the path. To maintain or transmit specific information during the Business Authentication process, use the state parameter. For more information on the state parameter, refer to Get business authorization code.
  • Wildcard characters can be included in the domain of the Business redirect URI. For more details, refer to Wildcard subdomains.
  • If you need to register more than 10 Business redirect URIs, contact DevTalk.

Transfer personal information overseas

You can register the transfer personal information overseas in in [Business Authentication] > [Transfer of Personal Information Overseas] on the app management page.

How to register information related to the transfer of personal information overseas

🅐 Country where personal information is stored: Enter the country where personal information is transferred to. 🅑 Corporation name (company): Enter the name of a corporation to which the personal information is transferred. 🅒 Contact: Enter the contact information for 🅑, such as the email, phone number, or customer service URL of the person in charge of information management, for inquiries related to personal information.

Based on the information entered, the [Consent to transfer personal information overseas] required consent item is added to the Business Authentication consent screen. Users can select [view more] for this consent item to check the details and provide consent.

Consent screen for Transfer personal information overseas

Client Secret

You can use a Client Secret to enhance the security.

Select [Issue client secret] in [Business Authentication] > [Client secret] on the app management page.

Client Secret screen

🅐 Delete: Deletes the issued client secret. 🅑 Reissue: Generates a new client secret. Can be used when updating the client secret or when leakage is suspected. 🅒 Set: Changes client status. Its status must be [Enable] to use the client secret.

Precautions when deleting or reissuing

When you delete or reissue a client secret, the previous code cannot be recovered, which causes all requests for token issuance using the previous client secret to fail.

Note: How to change Client Secret for service in operation
  1. 🅒Click [Set] to change [Status] to [Disable].
  2. 🅑[Reissue] to generate a new client secret code.
  3. Apply the new client secret code to the service.
  4. 🅒Click [Set] to change [Status] to [Enable].
Business Authentication> Prerequisites