Management Apps

Download OpenAPI specification:Download

View, create, and update your management applications. These are typically backend services accessing our platform to perform administrative actions. They can be used to generate client credentials that have tenant-level access to users, roles, apps, settings, and more.

Create management app

Create a management application

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Request
Request Body schema: application/json
required
app_name
required
string

Name of the application

app_description
string

Short description of the application

first_client_authentication_protocol
string

Defines the first client authentication protocol.

Enum: "oidc" "saml"
ApiCreateOidcClientInput (object) or ApiCreateSamlClientInput (object)

Creates first client for the application. Client can be OIDC or SAML, depending what is set in first_client_authentication_protocol

login_uri
string

URI used to redirect the user to the login page of the application (when needed)

invite_member_uri
string

URI used to redirect the member to the login page of the application (when needed)

subdomain
string

Subdomain of Org admin portal that can be offered for organizations to manage their users (when needed)

invite_member_email_expiration_minutes
number
Default: 2880

Member invite email link expiration in minutes

custom_domain
string

Domain of the application that can be offered for the application to be accessed from

pkce
string

PKCE configuration for client

Enum: "enforcePkceInsteadOfClientCredentials" "enforcePkceAlongsideClientCredentials" "allowPkceAlongsideClientCredentials"
Responses
201
400
post/v1/management/applications
Request samples
application/json
{
  • "app_name": "My App",
  • "app_description": "string",
  • "first_client_authentication_protocol": "oidc",
  • "first_client": {
    },
  • "login_uri": "https://www.example.com/login",
  • "invite_member_uri": "https://www.example.com/login",
  • "subdomain": "myapp",
  • "invite_member_email_expiration_minutes": 2880,
  • "custom_domain": "myapp.com",
  • "pkce": "enforcePkceInsteadOfClientCredentials"
}
Response samples
application/json
{
  • "result": {
    }
}

Get management apps

Retrieve a list of all management applications

SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken
Responses
200
400
get/v1/management/applications
Request samples 
Response samples 
application/json
{
  • "result": [
    ]
}
Update management app
Update a management application. Note: Fields that are objects cannot be partially updated, since the new value you set will just replace the current one.


SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken 
Request 
path Parameters
app_id
required
string
 
Request Body schema: application/json
required
app_name
string
Name of the application


 
app_description
string
Short description of the application


 
first_client_authentication_protocol
string
Defines the first client authentication protocol.


 Enum: "oidc" "saml"  
ApiCreateOidcClientInput (object) or ApiCreateSamlClientInput (object)
Creates first client for the application. Client can be OIDC or SAML, depending what is set in first_client_authentication_protocol


 
login_uri
string
URI used to redirect the user to the login page of the application (when needed)


 
invite_member_uri
string
URI used to redirect the member to the login page of the application (when needed)


 
subdomain
string
Subdomain of Org admin portal that can be offered for organizations to manage their users (when needed)


 
invite_member_email_expiration_minutes
number
 Default:  2880
Member invite email link expiration in minutes


 
custom_domain
string
Domain of the application that can be offered for the application to be accessed from


 
pkce
string
PKCE configuration for client


 Enum: "enforcePkceInsteadOfClientCredentials" "enforcePkceAlongsideClientCredentials" "allowPkceAlongsideClientCredentials"  
Responses 
200
400
404
put/v1/management/applications/{app_id}
Request samples 
application/json
{
  • "app_name": "My App",
  • "app_description": "string",
  • "first_client_authentication_protocol": "oidc",
  • "first_client": {
    },
  • "login_uri": "https://www.example.com/login",
  • "invite_member_uri": "https://www.example.com/login",
  • "subdomain": "myapp",
  • "invite_member_email_expiration_minutes": 2880,
  • "custom_domain": "myapp.com",
  • "pkce": "enforcePkceInsteadOfClientCredentials"
}
Response samples 
application/json
{
  • "result": {
    }
}
Delete management app
Delete a management application and remove role assignments belonging to it.


SecurityOAuth2: ClientAccessToken or OAuth2: AdminAccessToken 
Request 
path Parameters
app_id
required
string
 
Responses 
204
400
404
delete/v1/management/applications/{app_id}
Request samples 
Response samples 
application/json
{
  • "message": "Bad request",
  • "error_code": 400
}