Management Apps

Download OpenAPI specification:Download

View, create, and update your management applications. These are typically backend services accessing our platform to perform administrative actions. They can be used to generate client credentials that have tenant-level access to users, roles, apps, settings, and more.

Create management app

Create a management application

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Request
Request Body schema: application/json
required
app_name
required
string

Name of the application

app_description
string

Short description of the application

first_client_authentication_protocol
string

Defines the first client authentication protocol.

Enum: "oidc" "saml"
ApiCreateOidcClientInput (object) or ApiCreateSamlClientInput (object)

Creates first client for the application. Client can be OIDC or SAML, depending what is set in first_client_authentication_protocol

login_uri
string

URI used to redirect the user to the login page of the application (when needed)

subdomain
string

Subdomain of Org admin portal that can be offered for organizations to manage their users (when needed)

invite_member_email_expiration_minutes
number
Default: 2880

Member invite email link expiration in minutes

custom_domain
string

Domain of the application that can be offered for the application to be accessed from

pkce
string

PKCE configuration for client

Enum: "enforcePkceInsteadOfClientCredentials" "enforcePkceAlongsideClientCredentials" "allowPkceAlongsideClientCredentials"
Responses
201
400
post/v1/management/applications
Request samples
application/json
{
  • "app_name": "My App",
  • "app_description": "string",
  • "first_client_authentication_protocol": "oidc",
  • "first_client": {},
  • "subdomain": "myapp",
  • "invite_member_email_expiration_minutes": 2880,
  • "custom_domain": "myapp.com",
  • "pkce": "enforcePkceInsteadOfClientCredentials"
}
Response samples
application/json
{
  • "result": {
    }
}

Get management apps

Retrieve a list of all management applications

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Responses
200
400
get/v1/management/applications
Request samples
Response samples
application/json
{
  • "result": [
    ]
}

Update management app

Update a management application. Note: Fields that are objects cannot be partially updated, since the new value you set will just replace the current one.

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Request
path Parameters
app_id
required
string
Request Body schema: application/json
required
app_name
string

Name of the application

app_description
string

Short description of the application

first_client_authentication_protocol
string

Defines the first client authentication protocol.

Enum: "oidc" "saml"
ApiCreateOidcClientInput (object) or ApiCreateSamlClientInput (object)

Creates first client for the application. Client can be OIDC or SAML, depending what is set in first_client_authentication_protocol

login_uri
string

URI used to redirect the user to the login page of the application (when needed)

subdomain
string

Subdomain of Org admin portal that can be offered for organizations to manage their users (when needed)

invite_member_email_expiration_minutes
number
Default: 2880

Member invite email link expiration in minutes

custom_domain
string

Domain of the application that can be offered for the application to be accessed from

pkce
string

PKCE configuration for client

Enum: "enforcePkceInsteadOfClientCredentials" "enforcePkceAlongsideClientCredentials" "allowPkceAlongsideClientCredentials"
Responses
200
400
404
put/v1/management/applications/{app_id}
Request samples
application/json
{
  • "app_name": "My App",
  • "app_description": "string",
  • "first_client_authentication_protocol": "oidc",
  • "first_client": {},
  • "subdomain": "myapp",
  • "invite_member_email_expiration_minutes": 2880,
  • "custom_domain": "myapp.com",
  • "pkce": "enforcePkceInsteadOfClientCredentials"
}
Response samples
application/json
{
  • "result": {
    }
}

Delete management app

Delete a management application and remove role assignments belonging to it.

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Request
path Parameters
app_id
required
string
Responses
204
400
404
delete/v1/management/applications/{app_id}
Request samples
Response samples
application/json
{
  • "message": "Bad request",
  • "error_code": 400
}