[id="proc-creating-oidc-client_{context}"]
==== Creating an OpenID Connect Client
[role="_abstract"]
To protect an application that uses the OpenID connect protocol, you create a client.

.Procedure
. Click *Clients* in the menu.  

. Click *Create* to go to the *Add Client* page.
+
.Add Client
image:{project_images}/add-client-oidc.png[Add Client]

. Enter any name for *Client ID.*

. Select *openid-connect* in the *Client Protocol* drop down box.

. Enter the base URL of your application in the *Root URL* field.

. Click *Save*.
ifdef::api-management[]
. Configure the client permissions
.. Set *Access Type* to *confidential*.                                     
.. Set *Standard Flow Enabled* to *OFF*.                                     
.. Set *Direct Access Grants Enabled* to *OFF*.                                     
.. set *Service Accounts Enabled* to *ON*.                                     
. Set the service account roles for the client:                             
.. Click the *Service Account Roles* tab.
.. Click *Client Roles* and enter *realm-management*.
.. Under *Available Roles*, select *manage-clients*.
.. Click *Add selected >>* to move *manage-clients* under *Assigned Roles*.
. Note the client credentials
.. On the Credentials tab, make a note of the Secret field
.. On the *Settings* tab, make note the client ID that you assigned.
. Click *Save*.
endif::[]

ifdef::standalone[]
This action creates the client and bring you to the *Settings*
tab.

.Client Settings
image:{project_images}/client-settings-oidc.png[Client Settings]

[role="_additional-resources"]
.Additional resources
* For more information about fields on the *Settings* tab, see xref:con-basic-settings_{context}[Basic Settings].
* For more information about the OIDC protocol, see xref:con-oidc_{context}[OpenID Connect].
endif::[]