Skip to main content
Before you can use Monei Connect, you need to register your app. This gives you a client_id and client_secret your app’s identity in the OAuth flow.

Step 1: Create a Monei Account

Sign up at monei.cc and verify your account. You’ll need a verified account to register Connect apps.

Step 2: Register Your App

Send a POST request to register your app. Use your Monei JWT (from logging in) as the Bearer token. 
POST /api/v1/connect/apps/register
Authorization: Bearer <your_monei_jwt>
Content-Type: application/json

{
  "appName": "Spendify",
  "appDescription": "Personal finance and budgeting app",
  "redirectUris": ["https://yourapp.com/monei/callback"],
  "websiteUrl": "https://yourapp.com",
  "logoUrl": "https://yourapp.com/logo.png"
}

Request fields

FieldRequiredDescription
appNameDisplay name shown to users on the consent screen
appDescriptionShort description of what your app does
redirectUrisArray of allowed callback URLs. Must be exact matches — no wildcards
websiteUrlNoYour app’s website, shown on the consent screen
logoUrlNoURL to your app’s logo (shown as an icon on the consent screen)

Response

{
  "clientId": "mc_a3f9b2c1d4e5...",
  "clientSecret": "mcs_8d4e7f2a9b...",
  "appName": "Spendify",
  "redirectUris": ["https://yourapp.com/monei/callback"],
  "message": "Store your client secret securely. It will not be shown again."
}
Store your clientSecret immediately. It is shown exactly once and cannot be retrieved again. If you lose it, you’ll need to rotate your credentials.

Understanding your credentials

client_id (prefix: mc_) is your app’s public identifier. Safe to include in frontend redirect URLs. client_secret (prefix: mcs_) is your app’s private key used to exchange authorization codes for tokens. Never expose this in frontend code, mobile apps, or version control. Token exchange must always happen server-side.

Managing redirect URIs

Redirect URIs must be registered in advance and matched exactly during the OAuth flow including protocol, domain, path, and trailing slash. There are no wildcards. Valid: 
https://yourapp.com/monei/callback
https://yourapp.com/auth/monei/return
Invalid (won’t match): 
https://yourapp.com/monei/callback/   ← trailing slash mismatch
http://yourapp.com/monei/callback     ← wrong protocol
https://yourapp.com/callback          ← different path
For local development, you can register http://localhost:3000/callback as a redirect URI.

Viewing and updating your app

# Get your registered app details
GET /api/v1/connect/apps/me
Authorization: Bearer <your_monei_jwt>

# Update app details
PATCH /api/v1/connect/apps/me
Authorization: Bearer <your_monei_jwt>
Content-Type: application/json

{
  "appName": "Spendify Pro",
  "redirectUris": [
    "https://yourapp.com/monei/callback",
    "https://yourapp.com/auth/return"
  ]
}

Next step

Quickstart →

Build a complete OAuth integration end-to-end