# Registration Before accessing the Transact API, you must: 1. Obtain a **client ID** by contacting Transact. 2. Generate a **client secret**. 3. Register one or more **redirect URIs**. During the OAuth authorisation flow your **client ID** and **client secret** are used to authenticate your application, and your **redirect URIs** are used to return data to your application. ## Get your client ID If you are not already registered as a software provider with Transact: 1. Please [Contact Us](../contact-us.mdx), declaring your wish to register as a software provider. 2. We will supply you with your unique client ID and Transact Online software provider login credentials. If you are already registered as a software provider: - you already have Transact Online software provider login credentials - your _Provider Key_ (as previously supplied) is your client ID. ## Set up your account Log in to Transact Online[^1] with your software provider login credentials. ### Accept the Terms of Business Before using the Transact API, you must accept the Terms of Business at _Housekeeping > Terms of Business_. :::note This must be performed on an annual basis to maintain access to the API. We will be in touch with you when it is time to reaccept. ::: ### Generate your client secret To obtain your client secret and register redirect URIs, navigate to _Housekeeping > OAuth Settings_. Click "Generate Secret" to generate a client secret. You may repeat this process at any time to generate a new client secret. :::warning Please take note of the generated client secret as it is not retrievable in future, even by Transact. If you forget your client secret it must be regenerated. ::: ### Register your redirect URIs Within _Housekeeping > OAuth Settings_, register one or more redirect URIs under the "Redirect URIs" heading. The redirect URI that you submit as part of the OAuth flow must _exactly_ match one of your registered redirect URIs. This includes any URL parameters (e.g. `https://example.com/callback?productid=334`). :::note In order to simplify local development, the UAT environment[^1] permits the use of `corp`, `domain`, `example`, `home`, `host`, `invalid`, `lan`, `local`, `localdomain`, `localhost` and `test` top-level domains. ::: ### Whitelisting Please note that there is no requirement to whitelist your server addresses for Transact API. The menu _Housekeeping > Allowed IP List_ is relevant to legacy TRDS endpoints only. [^1]: See [Environments](../advanced/environments.md). UAT Transact Online can be found at https://demo.transact-online.co.uk.