Create a new application with a default client
app_name required | string Name of the application |
app_description | string Short description of the application |
client_type | string Deprecated Default: "web" Client type of the default client |
client_display_name required | string Deprecated Client name of the default client to display when needed |
client_description | string Deprecated Short description of the default client |
redirect_uris required | Array of strings List of URI approved for redirects for your default client |
logo | string URI of your application's logo, such as for email templates |
resources | Array of strings Deprecated List of resources IDs associated with this default client |
service_providers | Array of strings List of service provider IDs associated with this application |
object Configures the application as the Authentication Hub of this tenant, allowing other apps to use it to perform a centralized login | |
allow_public_signup | boolean Default: false Determines if the application is allowed to request to create new users via login flows |
object Deprecated CIBA authorization flow configuration of the default client | |
client_auth_method | string Deprecated Default: "client_secret_basic" Which client authentication method to allow for the token endpoint of the default client. Unauthorized requests are only allowed for native clients that will perform a centralized login flow (via the Authentication Hub) with PKCE. |
{- "app_name": "My App",
- "app_description": "string",
- "client_type": "web",
- "client_display_name": "string",
- "client_description": "string",
- "logo": "string",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": false,
- "device_authorization": {
- "enabled": false,
}, - "client_auth_method": "client_secret_basic"
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "app_name": "string",
- "app_description": "string",
- "client_type": "web",
- "logo": "string",
- "client_id": "string",
- "client_display_name": "string",
- "client_description": "string",
- "client_secret": "string",
- "redirect_uris": [
- "string"
], - "login_preferences": {
- "auth_methods": {
- "google": {
- "clientId": "string",
- "clientSecret": "string"
}, - "facebook": {
- "clientId": "string",
- "clientSecret": "string"
}, - "email": {
- "expiresIn": 0,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "email_otp": {
- "expiresIn": 0,
- "maxFailures": 3,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "apple": {
- "clientId": "string",
- "clientSecret": "string",
- "appleTeamId": "string",
- "keyId": "string"
}, - "sms": {
- "expiresIn": 0,
- "maxFailures": 3
}, - "webauthn": {
- "clientId": "string",
- "clientSecret": "string"
}, - "webauthn_api": {
- "rpId": "string",
- "rpOrigin": "string"
}, - "line": {
- "clientId": "string",
- "clientSecret": "string"
}, - "password": {
- "resetValidityMinutes": 5,
- "passwordComplexity": 5,
- "passwordMinLength": 14,
- "blockPreviousPasswords": 0,
- "passwordExpiresIn": 90,
- "maxPasswordFailures": 5,
- "passwordSuspensionDuration": 15,
- "failuresExpireIn": 15,
- "tempPasswordValidityHours": 24,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}, - "requireMFA": false
}
}
}, - "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": true,
- "client_auth_method": "client_secret_basic",
- "device_authorization": {
- "enabled": false,
}, - "password_sharing_group_id": "string"
}
}
Retrieves a list of all applications with their default clients
curl -i -X GET \ https://api.transmitsecurity.io/cis/v1/applications \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "result": [
- {
- "app_id": "string",
- "tenant_id": "string",
- "app_name": "string",
- "app_description": "string",
- "client_type": "web",
- "client_id": "string",
- "client_display_name": "string",
- "client_description": "string",
- "client_secret": "string",
- "redirect_uris": [
- "string"
], - "login_preferences": {
- "auth_methods": {
- "google": {
- "clientId": "string",
- "clientSecret": "string"
}, - "facebook": {
- "clientId": "string",
- "clientSecret": "string"
}, - "email": {
- "expiresIn": 0,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "email_otp": {
- "expiresIn": 0,
- "maxFailures": 3,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "apple": {
- "clientId": "string",
- "clientSecret": "string",
- "appleTeamId": "string",
- "keyId": "string"
}, - "sms": {
- "expiresIn": 0,
- "maxFailures": 3
}, - "webauthn": {
- "clientId": "string",
- "clientSecret": "string"
}, - "webauthn_api": {
- "rpId": "string",
- "rpOrigin": "string"
}, - "line": {
- "clientId": "string",
- "clientSecret": "string"
}, - "password": {
- "resetValidityMinutes": 5,
- "passwordComplexity": 5,
- "passwordMinLength": 14,
- "blockPreviousPasswords": 0,
- "passwordExpiresIn": 90,
- "maxPasswordFailures": 5,
- "passwordSuspensionDuration": 15,
- "failuresExpireIn": 15,
- "tempPasswordValidityHours": 24,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}, - "requireMFA": false
}
}
}, - "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": true,
- "client_auth_method": "client_secret_basic",
- "device_authorization": {
- "enabled": false,
}, - "password_sharing_group_id": "string"
}
]
}
Retrieves an application by application ID with the default client
curl -i -X GET \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "app_name": "string",
- "app_description": "string",
- "client_type": "web",
- "logo": "string",
- "client_id": "string",
- "client_display_name": "string",
- "client_description": "string",
- "client_secret": "string",
- "redirect_uris": [
- "string"
], - "login_preferences": {
- "auth_methods": {
- "google": {
- "clientId": "string",
- "clientSecret": "string"
}, - "facebook": {
- "clientId": "string",
- "clientSecret": "string"
}, - "email": {
- "expiresIn": 0,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "email_otp": {
- "expiresIn": 0,
- "maxFailures": 3,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "apple": {
- "clientId": "string",
- "clientSecret": "string",
- "appleTeamId": "string",
- "keyId": "string"
}, - "sms": {
- "expiresIn": 0,
- "maxFailures": 3
}, - "webauthn": {
- "clientId": "string",
- "clientSecret": "string"
}, - "webauthn_api": {
- "rpId": "string",
- "rpOrigin": "string"
}, - "line": {
- "clientId": "string",
- "clientSecret": "string"
}, - "password": {
- "resetValidityMinutes": 5,
- "passwordComplexity": 5,
- "passwordMinLength": 14,
- "blockPreviousPasswords": 0,
- "passwordExpiresIn": 90,
- "maxPasswordFailures": 5,
- "passwordSuspensionDuration": 15,
- "failuresExpireIn": 15,
- "tempPasswordValidityHours": 24,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}, - "requireMFA": false
}
}
}, - "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": true,
- "client_auth_method": "client_secret_basic",
- "device_authorization": {
- "enabled": false,
}, - "password_sharing_group_id": "string"
}
}
Update an application
app_name | string Name of the application |
app_description | string Short description of the application |
client_type | string Deprecated Default: "web" Client type of the default client |
client_display_name | string Deprecated Client name of the default client to display when needed |
client_description | string Deprecated Short description of the default client |
redirect_uris | Array of strings List of URI approved for redirects for your default client |
logo | string URI of your application's logo, such as for email templates |
resources | Array of strings Deprecated List of resources IDs associated with this default client |
service_providers | Array of strings List of service provider IDs associated with this application |
object Configures the application as the Authentication Hub of this tenant, allowing other apps to use it to perform a centralized login | |
allow_public_signup | boolean Default: false Determines if the application is allowed to request to create new users via login flows |
object Deprecated CIBA authorization flow configuration of the default client | |
client_auth_method | string Deprecated Default: "client_secret_basic" Which client authentication method to allow for the token endpoint of the default client. Unauthorized requests are only allowed for native clients that will perform a centralized login flow (via the Authentication Hub) with PKCE. |
{- "app_name": "My App",
- "app_description": "string",
- "client_type": "web",
- "client_display_name": "string",
- "client_description": "string",
- "logo": "string",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": false,
- "device_authorization": {
- "enabled": false,
}, - "client_auth_method": "client_secret_basic"
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "app_name": "string",
- "app_description": "string",
- "client_type": "web",
- "logo": "string",
- "client_id": "string",
- "client_display_name": "string",
- "client_description": "string",
- "client_secret": "string",
- "redirect_uris": [
- "string"
], - "login_preferences": {
- "auth_methods": {
- "google": {
- "clientId": "string",
- "clientSecret": "string"
}, - "facebook": {
- "clientId": "string",
- "clientSecret": "string"
}, - "email": {
- "expiresIn": 0,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "email_otp": {
- "expiresIn": 0,
- "maxFailures": 3,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "apple": {
- "clientId": "string",
- "clientSecret": "string",
- "appleTeamId": "string",
- "keyId": "string"
}, - "sms": {
- "expiresIn": 0,
- "maxFailures": 3
}, - "webauthn": {
- "clientId": "string",
- "clientSecret": "string"
}, - "webauthn_api": {
- "rpId": "string",
- "rpOrigin": "string"
}, - "line": {
- "clientId": "string",
- "clientSecret": "string"
}, - "password": {
- "resetValidityMinutes": 5,
- "passwordComplexity": 5,
- "passwordMinLength": 14,
- "blockPreviousPasswords": 0,
- "passwordExpiresIn": 90,
- "maxPasswordFailures": 5,
- "passwordSuspensionDuration": 15,
- "failuresExpireIn": 15,
- "tempPasswordValidityHours": 24,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}, - "requireMFA": false
}
}
}, - "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": true,
- "client_auth_method": "client_secret_basic",
- "device_authorization": {
- "enabled": false,
}, - "password_sharing_group_id": "string"
}
}
curl -i -X DELETE \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "message": "Bad request",
- "error_code": 400
}
Create a new client
name required | string Name of the client |
description | string Short description of the client |
redirect_uris required | Array of strings List of URI approved for redirects for your client |
client_type | string Default: "web" Client type |
response_types | Array of strings Default: ["code","id_token"] Items Enum: "code" "id_token" |
token_endpoint_auth_method | string Default: "client_secret_basic" Which token endpoint authentication method to allow for the token endpoint. Unauthorized requests are only allowed for native clients that will perform a centralized login flow (via the Authentication Hub) with PKCE. |
resources | Array of strings List of resources IDs associated with this client |
object Configuration for an OAuth Device Authorization Flow | |
object CIBA authorization flow configuration |
{- "name": "My Client",
- "description": "string",
- "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "client_id": "string",
- "client_secret": "string",
- "name": "string",
- "description": "string",
- "redirect_uris": [
- "string"
], - "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
}
curl -i -X GET \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}/clients' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "result": [
- {
- "app_id": "string",
- "tenant_id": "string",
- "client_id": "string",
- "client_secret": "string",
- "name": "string",
- "description": "string",
- "redirect_uris": [
- "string"
], - "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
]
}
curl -i -X DELETE \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}/clients' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "message": "Bad request",
- "error_code": 400
}
curl -i -X GET \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}/clients/{clientId}' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "client_id": "string",
- "client_secret": "string",
- "name": "string",
- "description": "string",
- "redirect_uris": [
- "string"
], - "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
}
Update a client
name | string Name of the client |
description | string Short description of the client |
redirect_uris | Array of strings List of URI approved for redirects for your client |
client_type | string Default: "web" Client type |
response_types | Array of strings Default: ["code","id_token"] Items Enum: "code" "id_token" |
token_endpoint_auth_method | string Default: "client_secret_basic" Which token endpoint authentication method to allow for the token endpoint. Unauthorized requests are only allowed for native clients that will perform a centralized login flow (via the Authentication Hub) with PKCE. |
resources | Array of strings List of resources IDs associated with this client |
object Configuration for an OAuth Device Authorization Flow | |
object CIBA authorization flow configuration |
{- "name": "My Client",
- "description": "string",
- "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "client_id": "string",
- "client_secret": "string",
- "name": "string",
- "description": "string",
- "redirect_uris": [
- "string"
], - "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
}
curl -i -X DELETE \ 'https://api.transmitsecurity.io/cis/v1/applications/{appId}/clients/{clientId}' \ -H 'Authorization: Bearer <YOUR_JWT_HERE>'
{- "message": "Bad request",
- "error_code": 400
}
Update the list of resources that a client is allowed to explicitly request access to
{- "resource_ids": [
- "string"
]
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "client_id": "string",
- "client_secret": "string",
- "name": "string",
- "description": "string",
- "redirect_uris": [
- "string"
], - "client_type": "web",
- "response_types": [
- "code"
], - "token_endpoint_auth_method": "client_secret_basic",
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "device_authorization": {
- "enabled": false,
},
}
}
Update the list of resources that a default client of the application is allowed to explicitly request access to
{- "resource_ids": [
- "string"
]
}
{- "result": {
- "app_id": "string",
- "tenant_id": "string",
- "app_name": "string",
- "app_description": "string",
- "client_type": "web",
- "logo": "string",
- "client_id": "string",
- "client_display_name": "string",
- "client_description": "string",
- "client_secret": "string",
- "redirect_uris": [
- "string"
], - "login_preferences": {
- "auth_methods": {
- "google": {
- "clientId": "string",
- "clientSecret": "string"
}, - "facebook": {
- "clientId": "string",
- "clientSecret": "string"
}, - "email": {
- "expiresIn": 0,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "email_otp": {
- "expiresIn": 0,
- "maxFailures": 3,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}
}, - "apple": {
- "clientId": "string",
- "clientSecret": "string",
- "appleTeamId": "string",
- "keyId": "string"
}, - "sms": {
- "expiresIn": 0,
- "maxFailures": 3
}, - "webauthn": {
- "clientId": "string",
- "clientSecret": "string"
}, - "webauthn_api": {
- "rpId": "string",
- "rpOrigin": "string"
}, - "line": {
- "clientId": "string",
- "clientSecret": "string"
}, - "password": {
- "resetValidityMinutes": 5,
- "passwordComplexity": 5,
- "passwordMinLength": 14,
- "blockPreviousPasswords": 0,
- "passwordExpiresIn": 90,
- "maxPasswordFailures": 5,
- "passwordSuspensionDuration": 15,
- "failuresExpireIn": 15,
- "tempPasswordValidityHours": 24,
- "message": {
- "primaryColor": "string",
- "from": "string",
- "subject": "string"
}, - "requireMFA": false
}
}
}, - "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "updated_at": "2019-08-24T14:15:22Z",
- "resources": [
- "string"
], - "service_providers": [
- "string"
], - "authenticator_preferences": {
- "is_centralized": false,
}, - "allow_public_signup": true,
- "client_auth_method": "client_secret_basic",
- "device_authorization": {
- "enabled": false,
}, - "password_sharing_group_id": "string"
}
}