# Register OAuth client (DCR)

Open endpoint — no authentication required. Desktop/CLI apps call this once to obtain a client_id they persist locally and reuse for all future authorize flows.

Endpoint: POST /public/v1/oauth/register/
Version: 1.0.0

## Request fields (application/json):

  - `client_name` (string, required)
    Human-readable name of the client application.

  - `redirect_uris` (array, required)
    List of allowed redirect URIs. At least one is required. The redirect_uri used in the authorization request must exactly match one of these.

  - `scope` (string)
    Space-separated list of requested scopes. Available value: all. Defaults to all if omitted.

## Response 201 fields (application/json):

  - `client_id` (string, required)
    Unique identifier for the registered client. Persist this value — it is required for all subsequent authorization requests.

  - `client_name` (string, required)
    Human-readable name of the client application.

  - `redirect_uris` (array, required)
    Registered redirect URIs for this client.

  - `scope` (string, required)
    Space-separated list of scopes granted to this client.

  - `token_endpoint_auth_method` (string, required)
    Authentication method for the token endpoint. Always none (public client, PKCE required).

  - `grant_types` (array, required)
    Supported grant types. Always [authorization_code, refresh_token].

  - `response_types` (array, required)
    Supported response types. Always [code].

  - `client_id_issued_at` (integer, required)
    Unix timestamp of when the client_id was issued.


## Response 400 fields

## Response 422 fields