Authentication

Generating credentials in Laserfiche cloud

Generate OAuth credentials to begin using the Laserfiche API. Subsequent requests can use the access token received in the response from the initial connection creation request.

Note: Access Tokens used to access APIs are secrets and should be stored securely. To prevent CSRF attacks, it’s NOT recommended to store secrets or sensitive information in cookies.
Access Tokens stored client side can be vulnerable to CSRF and XSS attacks. Security is a shared concern and best practices should be used to minimize risks. Best practices for your application will depend on your implementation and architecture. Click here for more details.

For Laserfiche Cloud, version 1 and later of the APIs follow the OAuth model.

• Learn how to create a connection for your OAuth Service App.
• Learn how to create a connection for your OAuth Single-Page App.
• Learn how to create a connection for your OAuth Web App.

Creating a connection in self-hosted systems

• Learn how to create a connection using the password flow.