Using the service
Understanding authentication
If you are integrating a service with us, you will most likely have to be aware of the OAuth 2.0 authorisation protocol and its Resource Owner authorisation flow,
For more details please see the authentication overview which describes many of the terms used below.
The sign-up process
In order to use the service you must first register with Registers of Scotland.
We will be in contact to discuss access and your requirements.
What we need from you
- If you are integrating a service with us:
- You will need to send us a list of redirect URLs. This is where we will redirect the user's browser after authorisation, and where we will return control to your application
- These are the only URLs that our authentication server will redirect to
- Registers of Scotland may periodically review the URLs to ensure they do not point to malicous content
- The URLs must be HTTPS
- The URLs cannot contain wild cards (e.g.
https://*.example.com/redirectis not acceptable)
What we provide you
- We will provide a number of testing logins which you can use on the testing environment
- Some of these users will have the permissions you need to test the service
- The rest will not, so you can see how the system works with users who lack the required privileges
- If you are integrating a service with us, that uses our authentication:
- We will provide you with a client ID and a client secret
- You will need to send these to authenticate yourself to us
- In order to use an authenticated service you will need to know the correct "scope"
- This is specific to the actions you need to perform in that service
- Details can be found in the documentation for that service
Testing environments
The details you are provided will only work in the test environment.
When your product is ready to go live, please contact us again to discuss getting live credentials.
Terms and conditions
Our API services have specific terms and conditions that you will be asked to accept when you register for the API services.