Generate OAuth Client Credentials in InvGate
Sign in to your InvGate Asset Management tenant as an administrator at https://<your-instance>.cloud.invgate.net and create an OAuth credential set. The Client ID and Client Secret only appear after you save the credential set for the first time.
Find your Instance Host
The subdomain of your InvGate tenant — the part before .cloud.invgate.net in your URL. e.g. for https://gabbro.is.cloud.invgate.net enter gabbro.is.
- The tenant URL is also included in your InvGate welcome email — use the Log in to Asset Management link there to get the full URL.
Open the API settings page
In your tenant, click the Settings gear icon in the left sidebar, then go to Integrations → API (the </> icon labelled Manage API access credentials).
Create a credential set
In the Integrations section, click + Add to open the credential creation form. Enter a Name (e.g. “StackOne Integrations”). Decide whether StackOne should have write access:
- Leave Read-only access disabled if you want StackOne to be able to create, update and delete records.
- Enable Read-only access if you want StackOne limited to
GETrequests.
Save and copy the Client ID and Client Secret
Click Save. Then click the Edit button (pencil icon) on the newly created integration to reveal the Client ID and Client Secret — copy both into the corresponding fields in the StackOne Hub.
Pick the Scope that matches your InvGate credential
The Scope dropdown in the StackOne Hub should reflect the Read-only access setting on the OAuth credential in InvGate. The account will connect either way — the scope only controls which actions actually run. If the OAuth credential in InvGate is read-only, write actions (create/update/delete) will return 403 Forbidden at execution time regardless of what you pick here.
- Read-only access disabled in InvGate → select Read & Write in the Hub to enable create/update/delete actions.
- Read-only access enabled in InvGate → select Read only in the Hub. Write actions will return 403 because InvGate denies write access at the credential level.
Linking the Account from the Hub
Navigate to the Hub
Fill out the fields
- Instance Host
- Client ID
- Client Secret
- Scope
If the account linking is successful, you will see the newly linked account in your Accounts page.