.svg?fit=max&auto=format&n=mg7j3j61cBmODq_w&q=85&s=9d6b9cab54b8d7683318a9eec2df333d)
.svg?fit=max&auto=format&n=mg7j3j61cBmODq_w&q=85&s=25c26e62fec62cbde9a4e8913d45aadf)
ptnapp_ client ID and a consent link, and start connecting customers immediately. There is no approval queue — the real gate is the consent screen, where each customer explicitly grants your app its scopes.
Create the App
In the OpenTrain app, go to Settings → Developer and create an app under Platform apps:| Field | Required | Constraints |
|---|---|---|
| Name | Yes | What customers see on the consent screen. Max 120 characters. |
| Slug | Yes | Lowercase letters, digits, hyphens (my-platform), 1–50 characters. Immutable after creation — it becomes part of your consent link. |
| Description | No | Shown to customers for context. Max 500 characters. |
| Website URL | No | Your platform’s site. |
| Redirect URIs | No | Up to 10 http(s) base URIs. Required only if you pass redirect_uri on the consent link — the URI must match a registered one (same origin, path starts with the registered base path). |
| Scopes | Yes | At least one of the seven Platform API scopes. Request only what you need — customers see every scope on the consent screen. |
- Your client ID (
ptnapp_…) — a public identifier for your app. - Your consent link — what you send customers to connect:
There is no client secret. Your app never authenticates as itself — each
customer’s consent mints an install-scoped
ot_ptk_… token, shown once on
the consent screen, and that token is the credential your platform stores.
See Consent and Installs.Managing the App
From the same settings section you can:- Edit everything except the slug — name, description, website, redirect URIs, and scopes. Scope changes apply to new installs only; existing installs keep the scopes their customer granted until they reconnect.
- Deactivate — flips the app to
DISABLED: the consent link stops accepting new connections and API requests from existing installs are refused until you reactivate. Use it as an emergency brake. - Reactivate — restores new connections and existing installs’ API access.
What Happens Next
- Send a customer your consent link (optionally with
external_project_id,redirect_uri, andstate— see the consent deep link). - They approve the scopes and copy the one-time
ot_ptk_…token into your platform’s settings. - You call the Platform API with that token, register webhooks, and link projects.
Consent and Installs
The deep link, scopes, PII consent, and the one-time token.
Reference Integration
A complete webhook-consumer walkthrough you can adapt.