OAuth providers

Brex

Set up Brex OAuth for corporate card and expense management

Overview

Connect your users to Brex for corporate card management, expense tracking, and financial data access.

Property	Value
Provider ID	`brex`
Category	Finance
PKCE	Supported
Token refresh	Automatic
Redirect URI	Shown in Developer Portal

Step 1: Get Brex OAuth credentials

Brex OAuth (3LO) is partner-gated — there is no self-serve developer console for creating OAuth apps. Credentials must be issued by Brex’s developer support team after the partner application is approved.

Apply to be a Brex developer partner

Submit an application at brex.com/partners.

Request OAuth credentials

Once approved, contact the Brex developer support team to request OAuth client credentials. Provide the Alter callback URL from the Developer Portal — Brex configures the redirect URI on its side, there is no self-serve UI for it.

Receive credentials

Brex issues a Client ID, Client Secret, and the list of approved scopes.

Step 2: Add to Alter Vault

Open the Developer Portal

Go to portal.alterauth.com and navigate to the application.

Add Brex provider

Go to OAuth Providers > Add Provider > Brex.

Enter credentials

Client ID: Paste your Brex Client ID
Client Secret: Paste your Brex Client Secret

Select scopes

Choose the scopes the application needs.

Save

Click Save. The provider is now active.

Available Scopes

Scope	Description
`openid`	OpenID Connect authentication
`offline_access`	Request a refresh token for long-lived access
`transactions.card.readonly`	Read-only access to card transactions
`accounts.card.readonly`	Read-only access to card accounts
`users.readonly`	Read-only access to user information
`expenses.card`	Access to card expense data
`budgets.readonly`	Read-only access to budgets
`vendors.readonly`	Read-only access to vendor information

Notes

The openid and offline_access scopes are included by default.
Brex scopes configured in your OAuth application must match the scopes you request during authorization.