> ## Documentation Index
> Fetch the complete documentation index at: https://openworklabs.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Get an org's OAuth client configuration for a provider

> Admin-only. Returns setup status, the saved OAuth client id when configured, selected permission features, the callback redirect URI, and the full scope list members will be asked to approve. Never returns the client secret.



## OpenAPI

````yaml /openapi.json get /v1/oauth-providers/{providerId}/client
openapi: 3.1.0
info:
  title: Den API
  description: >-
    OpenAPI spec for the Den control plane API.


    Authentication:

    - Use `Authorization: Bearer <session-token>` for user-authenticated routes
    that require a Den session.

    - Use `x-api-key: <den-api-key>` for API-key-authenticated routes that
    accept organization API keys.

    - Public routes like health and documentation do not require authentication.


    Swagger tip: use the security schemes in the Authorize dialog to set either
    `bearerAuth` or `denApiKey` before trying protected endpoints.
  version: dev
servers: []
security: []
tags:
  - name: System
    description: Service health and operational routes.
  - name: Organizations
    description: Top-level organization creation and context routes.
  - name: Invitations
    description: Invitation preview, acceptance, creation, and cancellation routes.
  - name: API Keys
    description: Organization API key management routes.
  - name: SCIM
    description: Organization SCIM connector management routes.
  - name: SSO
    description: Organization single sign-on connector management routes.
  - name: Members
    description: Organization member management routes.
  - name: Roles
    description: Organization custom role management routes.
  - name: Teams
    description: Organization team management routes.
  - name: Templates
    description: Organization shared template routes.
  - name: LLM Providers
    description: Organization LLM provider catalog, configuration, and access routes.
  - name: Skills
    description: Organization skill authoring and sharing routes.
  - name: Skill Hubs
    description: Organization skill hub management and access routes.
  - name: Workers
    description: Worker lifecycle, billing, and runtime routes.
  - name: Worker Runtime
    description: Worker runtime inspection and upgrade routes.
  - name: Worker Activity
    description: Worker heartbeat and activity reporting routes.
  - name: Telemetry
    description: Telemetry event ingestion and adoption analytics.
  - name: Admin
    description: Administrative reporting routes.
  - name: Users
    description: Current user and membership routes.
  - name: Bootstrap
    description: Agent-first provisional workspace setup routes.
paths:
  /v1/oauth-providers/{providerId}/client:
    get:
      tags:
        - Authentication
      summary: Get an org's OAuth client configuration for a provider
      description: >-
        Admin-only. Returns setup status, the saved OAuth client id when
        configured, selected permission features, the callback redirect URI, and
        the full scope list members will be asked to approve. Never returns the
        client secret.
      operationId: getV1OauthProvidersByProviderIdClient
      parameters:
        - in: path
          name: providerId
          schema:
            type: string
            minLength: 1
            maxLength: 255
          required: true
      responses:
        '200':
          description: OAuth client configuration.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthClientConfigDetailResponse'
        '401':
          description: The caller must be signed in.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UnauthorizedError'
        '403':
          description: >-
            Only workspace owners and admins can view an OAuth client
            configuration.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ForbiddenError'
        '404':
          description: Unknown providerId.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UnknownOAuthProviderError'
components:
  schemas:
    OAuthClientConfigDetailResponse:
      type: object
      properties:
        providerId:
          type: string
        configured:
          type: boolean
        clientId:
          anyOf:
            - type: string
            - type: 'null'
        features:
          type: array
          items:
            type: string
        scopes:
          type: array
          items:
            type: string
        redirectUri:
          type: string
        tenantId:
          anyOf:
            - type: string
            - type: 'null'
      required:
        - providerId
        - configured
        - clientId
        - features
        - scopes
        - redirectUri
        - tenantId
    UnauthorizedError:
      type: object
      properties:
        error:
          type: string
          const: unauthorized
      required:
        - error
    ForbiddenError:
      type: object
      properties:
        error:
          type: string
          enum:
            - forbidden
            - reauth
        reason:
          type: string
        message:
          type: string
      required:
        - error
    UnknownOAuthProviderError:
      type: object
      properties:
        error:
          type: string
          const: unknown_oauth_provider
        message:
          type: string
      required:
        - error
        - message

````