# Applications

Manage your applications and their clients. An application requires at least one client, the first client is created automatically and set as default. The application can be configured to use additional clients which can be added later. Application APIs are authorized using an access token of a relevant app or using an admin access token of the management application.


## Servers

Sandbox environment
```
https://api.sbx.transmitsecurity.io/cis
```

Production environment (US)
```
https://api.transmitsecurity.io/cis
```

Production environment (EU)
```
https://api.eu.transmitsecurity.io/cis
```

Production environment (CA)
```
https://api.ca.transmitsecurity.io/cis
```

Production environment (AU)
```
https://api.au.transmitsecurity.io/cis
```

## Security

### bearer

Type: http
Scheme: bearer
Bearer Format: JWT

### UserAccessToken

A token returned upon end-user authentication, which provides access to resources and data for the user and app for which it was generated

Type: http
Scheme: bearer
Bearer Format: JWT

### AdminAccessToken

A token generated by a management application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to all resources for the tenant and its apps

Type: oauth2

### ClientAccessToken

A token generated by an end-user application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to resources and data on the tenant level or associated with the specific application (but not other apps in the tenant)

Type: oauth2

### OrgAdminAccessToken

A token returned upon B2B authentication for a user that has the organizationAdmin or organizationCreator role.

Type: oauth2

## Download OpenAPI description

[Applications](https://developer.transmitsecurity.com/_bundle/openapi/user/apps.openapi.yaml)

## Other

### Create client

 - [POST /v1/applications/{appId}/clients](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/createappclient.md): Create a new client. Required permissions: apps:create, apps:edit.

### Get all clients

 - [GET /v1/applications/{appId}/clients](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getappclients.md): Retrieves a list of clients for an application. Required permissions: apps:read.

### Delete all clients

 - [DELETE /v1/applications/{appId}/clients](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/deleteappclients.md): Deletes all clients for an application.

### Get client by ID

 - [GET /v1/applications/{appId}/clients/{clientId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getappclientbyid.md): Retrieves a client by client ID. Required permissions: apps:read.

### Update client

 - [PUT /v1/applications/{appId}/clients/{clientId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/updateappclient.md): Update a client. Note: Fields that are objects cannot be partially updated, since the new value you set will just replace the current one. Required permissions: apps:edit, apps:create.

### Delete client

 - [DELETE /v1/applications/{appId}/clients/{clientId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/deleteappclient.md): Delete a client. Required permissions: apps:delete, apps:create, apps:edit.

### Update client resources

 - [PUT /v1/applications/{appId}/clients/{clientId}/resources](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/updateappclientresources.md): Update the list of resources that a client is allowed to explicitly request access to

### Create app

 - [POST /v1/applications](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/createapp.md): Create a new application with a default client. The fields marked as deprecated are now managed on the client level. To update a default client, create additional clients, or fetch all app clients, use /clients or applications/{appId}/clients endpoints. Required permissions: apps:create, [appId]:create.

### Get all apps

 - [GET /v1/applications](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getallapps.md): Retrieves a list of all applications with their default clients. The fields marked as deprecated are now managed on the client level. To update a default client, create additional clients, or fetch all app clients, use /clients or applications/{appId}/clients endpoints. Required permissions: apps:read, apps:list, [appId]:read, [appId]:list.

### Get all apps basic information

 - [GET /v1/applications/list](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getappslist.md): Retrieves a list of all applications with their basic information. Required permissions: apps:list, users:read, organizations:read, roles:read, orgs:read, [appId]:list.

### Get app by ID

 - [GET /v1/applications/{appId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getappbyid.md): Retrieves an application by application ID with the default client. The fields marked as deprecated are now managed on the client level. To update a default client, create additional clients, or fetch all app clients, use /clients or applications/{appId}/clients endpoints. Required permissions: apps:read, [appId]:read.

### Update app

 - [PUT /v1/applications/{appId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/updateapp.md): Updates an application. The fields marked as deprecated are now managed on the client level. To update a default client, create additional clients, or fetch all app clients, use /clients or applications/{appId}/clients endpoints. Note: Fields that are objects cannot be partially updated, since the new value you set will just replace the current one. Required permissions: apps:edit, [appId]:edit.

### Delete app

 - [DELETE /v1/applications/{appId}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/deleteapp.md): Delete an application. Required permissions: apps:delete, [appId]:delete.

### Create signing key

 - [POST /v1/applications/signing-keys](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/createclienttokensigningkey.md): Create a new signing key. Required permissions: apps:create, [appId]:create, apps:edit, [appId]:edit.

### Get all token signing keys

 - [GET /v1/applications/signing-keys](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/getclienttokensigningkeys.md): Retrieves a list of token signing keys for an application. Required permissions: apps:read, [appId]:read.

### Upload signing key

 - [POST /v1/applications/signing-keys/upload](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/uploadclienttokensigningkey.md): Upload a new signing key. Required permissions: apps:create, [appId]:create, apps:edit, [appId]:edit.

### Update a signing key

 - [PUT /v1/applications/signing-keys/{id}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/updatetokensigningkey.md): Update a signing key. Required permissions: apps:create, [appId]:create, apps:edit, [appId]:edit.

### Delete signing key

 - [DELETE /v1/applications/signing-keys/{id}](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/deleteclienttokensigningkey.md): Delete a signing key. Required permissions: apps:delete, [appId]:delete, apps:create, [appId]:create, apps:edit, [appId]:edit.

### Update app resources (deprecated)

 - [PUT /v1/applications/{appId}/resources](https://developer.transmitsecurity.com/openapi/user/apps.openapi/other/updateresourcesinapp.md): Update the list of resources that a default client of the application is allowed to explicitly request access to