Application types

The Oten Developer ortalp supports three application types: service application, AI application, and game application. You choose a type when creating an app, and you can adjust resources and permissions later.

What choosing a type affects

  • Default resource templates in manage app’s resources (client identity, app capabilities and security, ecosystem connection)

  • Suggested scopes/permissions and security defaults

  • Type-specific fields in app info and Store categorization

  • Review guidelines applicable to your listing

Types

Service Application

  • Best for business and productivity integrations, backend services, workflow automation, and connectors.

  • Typical capabilities:

    • Expose REST/Graph APIs via a Resource Server

    • Support webhooks/events for sync or notifications

    • Authenticate users via SPA or Regular Web OAuth clients; optional M2M Integrate Client for server-to-server

  • Notes:

    • Start with least-privilege scopes; request only what you need

    • Ensure idempotency and clear error codes for API endpoints

AI Application

  • Best for apps that provide AI/ML powered features like generation, classification, embeddings, or retrieval.

  • Typical capabilities:

    • Model-backed inference endpoints; jobs may be synchronous or asynchronous with callbacks

    • User-facing OAuth client (SPA/Regular) and optional M2M client for batch jobs

    • Usage- and privacy-aware logging; avoid sensitive data in logs

  • Notes:

    • Document your model/provider and expected inputs/outputs

    • Consider rate limits and retries for long-running operations

Game Application

  • Best for gaming and entertainment experiences that integrate Oten identity and commerce.

  • Typical capabilities:

    • Player identity via OAuth (SPA/Native), optional backend for authoritative state

    • Optional webhooks for purchases, achievements, or telemetry

    • Pricing models for in-app purchases or subscriptions

  • Notes:

    • Follow content policies and age ratings where applicable

    • Keep client secrets on server-side only; never in client binaries

Recommended resources by type (examples)

  • Service: Resource Server (business APIs), SPA/Regular OAuth client, optional Integrate (M2M), webhooks

  • AI: Resource Server (inference endpoints), Regular/SPA OAuth client, Integrate (M2M) for jobs, webhook callbacks

  • Game: SPA/Native OAuth client, optional backend Resource Server, commerce-related webhooks

Setup checklist

  1. Create an app and select a type: Create an app

  2. Configure authentication and permissions: Authentication, OAuth and Permissions

  3. Define resources (APIs, clients, webhooks) under Manage App’s Resources

  4. Provide App Info, assets, and marketplace details

  5. Test end-to-end in Sandbox: Test your app

  6. Optionally set pricing: see Manage Pricing in the Developer Portal

  7. Submit for review: Publish your app

Testing and quality

  • All endpoints must return stable status codes and minimal contract shapes

  • Scopes must be enforced server-side; deny by default

  • Handle retries and timeouts gracefully; include request IDs in logs

  • Keep Sandbox data isolated from production

PreviousWhat is Oten DeveloperNextUSER GUIDE

Last updated