## List OAuth Clients

`client.iam.oauthClients.list(OAuthClientListParamsparams, RequestOptionsoptions?): SinglePage<OAuthClientListResponse>`

**get** `/accounts/{account_id}/oauth_clients`

List all OAuth clients for an account.

### Parameters

- `params: OAuthClientListParams`

  - `account_id: string`

    Account identifier tag.

### Returns

- `OAuthClientListResponse`

  Fields shared by OAuth client responses and create/update requests.

  - `client_id: string`

    The unique identifier for an OAuth client.

  - `visibility: "public" | "private"`

    Visibility of the OAuth client.

    - `"public"`

    - `"private"`

  - `allowed_cors_origins?: Array<string>`

    Array of allowed CORS origins.

  - `client_name?: string`

    Human-readable name of the OAuth client.

  - `client_uri?: string`

    URL of the home page of the client.

  - `client_uri_verification?: ClientURIVerification`

    Client URI domain control verification state.

    - `status?: "pending" | "in_progress" | "verified" | "failed"`

      Current verification status for the client URI host.

      - `"pending"`

      - `"in_progress"`

      - `"verified"`

      - `"failed"`

    - `text?: string`

      Exact TXT record value that must be added to DNS to prove ownership of the client URI host.

  - `created_at?: string`

    Timestamp when the OAuth client was created.

  - `grant_types?: Array<"authorization_code" | "refresh_token">`

    Array of OAuth grant types the client is allowed to use. `authorization_code` is required; `refresh_token` may be included optionally.

    - `"authorization_code"`

    - `"refresh_token"`

  - `has_rotated_secret?: boolean`

    Indicates whether the client has a rotated secret that has not yet been deleted.

  - `logo_uri?: string`

    URL of the client's logo.

  - `policy_uri?: string`

    URL that points to a privacy policy document.

  - `post_logout_redirect_uris?: Array<string>`

    Array of allowed post-logout redirect URIs.

  - `promoted_at?: string`

    Timestamp when the OAuth client was promoted to public visibility.

  - `redirect_uris?: Array<string>`

    Array of allowed redirect URIs for the client.

  - `response_types?: Array<"token" | "id_token" | "code">`

    Array of OAuth response types the client is allowed to use.

    - `"token"`

    - `"id_token"`

    - `"code"`

  - `scopes?: Array<string>`

    Array of OAuth scopes the client is allowed to request. Colon-delimited scopes are not accepted. Dot-delimited scopes are validated against available OAuth API scopes; simple identity scopes are allowed. Protocol scopes `offline_access` and `openid` are added or removed automatically based on `grant_types` and `response_types`.

  - `token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post"`

    The authentication method the client uses at the token endpoint.

    - `"none"`

    - `"client_secret_basic"`

    - `"client_secret_post"`

  - `tos_uri?: string`

    URL that points to a terms of service document.

  - `updated_at?: string`

    Timestamp when the OAuth client was last updated.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const oauthClientListResponse of client.iam.oauthClients.list({
  account_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(oauthClientListResponse.client_id);
}
```

#### Response

```json
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "client_id": "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4",
      "visibility": "private",
      "allowed_cors_origins": [
        "https://example.com"
      ],
      "client_name": "My OAuth App",
      "client_uri": "https://example.com",
      "client_uri_verification": {
        "status": "in_progress",
        "text": "cloudflare_oauth_client_publisher=example"
      },
      "created_at": "2025-01-01T00:00:00Z",
      "grant_types": [
        "authorization_code",
        "refresh_token"
      ],
      "has_rotated_secret": false,
      "logo_uri": "https://example.com/logo.png",
      "policy_uri": "https://example.com/privacy",
      "post_logout_redirect_uris": [
        "https://example.com/logout"
      ],
      "promoted_at": "2026-05-13T12:00:00Z",
      "redirect_uris": [
        "https://example.com/callback"
      ],
      "response_types": [
        "code"
      ],
      "scopes": [
        "account.read"
      ],
      "token_endpoint_auth_method": "client_secret_post",
      "tos_uri": "https://example.com/tos",
      "updated_at": "2025-01-01T00:00:00Z"
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000
  }
}
```