Check out our new and improved API documentation! ↗

    On this page

    Apps API

    The Apps API reference is now available at the new Okta API reference portal (opens new window).

    Explore the Okta Public API Collections (opens new window) workspace to get started with the Applications API.

    Application operations

    The Application operations reference is now available at the new Okta API reference portal (opens new window) as the Applications API (opens new window).

    Add application

    See Create an Application (opens new window) in the new Okta API reference portal (opens new window).

    Add Bookmark application

    See Create a BOOKMARK Application (opens new window) in the new Okta API reference portal (opens new window).

    Add Basic Authentication application

    See Create a BASIC_AUTH Application (opens new window) in the new Okta API reference portal (opens new window).

    Add Okta Org2Org application

    See Create an Org2Org app instance (opens new window) in the new Okta API reference portal (opens new window).

    Add an OIN SAML 2.0 Authentication app

    The request payload to create a SAML 2.0 authentication OIN app instance is available in the Applications Schema (opens new window) section of the new Okta API reference portal (opens new window).

    Specify the following required parameters for an OIN app:

    • The name field is required, which identifies the OIN app definition for the instance that you want to create.
    • Specify SAML_2_0 in the required signOnMode parameter.

    Add plugin SWA application

    See Create a BROWSER_PLUGIN Application (opens new window) in the new Okta API reference portal (opens new window).

    Add plugin SWA (3 field) application

    See Create a BROWSER_PLUGIN Application (opens new window) in the new Okta API reference portal (opens new window).

    Add SWA application (no plugin)

    See Create a SECURE_PASSWORD_STORE Application (opens new window) in the new Okta API reference portal (opens new window).

    Add custom SWA application

    See Create an AUTO_LOGIN Application (opens new window) in the new Okta API reference portal (opens new window).

    Add custom SAML application

    See Create a SAML_2_0 Application (opens new window) in the new Okta API reference portal (opens new window).

    Add WS-Federation application

    See Create a WS_FEDERATION Application (opens new window) in the new Okta API reference portal (opens new window).

    Add OAuth 2.0 client application

    See Create an OAuth 2.0 client Application (opens new window) in the new Okta API reference portal (opens new window).

    Note: The refresh_token Early Access parameter is visible only if the client has refresh_token defined as one of its allowed grant_types. See Refresh token object.

    Note: The parameters backchannel_token_delivery_mode, backchannel_authentication_request_signing_alg, and backchannel_custom_authenticator_id appear only if the client has urn:openid:params:grant-type:ciba defined as one of its allowed grant_types. Identity Engine

    Note: If the dpop_bound_access_tokens parameter is set to true, then the client_credentials and implicit grant_types parameters aren't allowed. Early Access

    Notes:

    • Apps created on /api/v1/apps default to consent_method=TRUSTED, while those created on /api/v1/clients default to consent_method=REQUIRED.
    • If you request a scope that requires consent while using the client_credentials flow, an error is returned. Because there is no user, no consent can be given.
    • If the prompt value is set to NONE, but the consent_method and the consent values are set to REQUIRED, then an error occurs.
    • You can configure the tos_uri, policy_uri, and logo-uri properties in the App Wizard and on the General tab in the Admin Console. You can also set these properties using the Dynamic Client Registration API (opens new window).
    • The consent_method property can be configured in the App Wizard and on the General tab in the Admin Console, but cannot be set using the Dynamic Client Registration API.
    • After an app is created, you can't change the application_type.

    Create an app with a Profile object

    To include app-specific information that you want to reference later, such as in a token claim, add those parameters within the app Profile object when you create an app. An Profile object is a container for any valid JSON schema that you can reference from a request. You can only add the Profile object to OAuth 2.0 client applications.

    The following example shows how to add an app label parameter to the Profile object when creating an app.

    Note: See Update application level profile attributes for an update example.

    curl -v -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: SSWS ${api_token}" \
-d '{
    "name": "oidc_client",
    "label": "Sample Client profile",
    "signOnMode": "OPENID_CONNECT",
    "credentials": {
      "oauthClient": {
        "token_endpoint_auth_method": "client_secret_post"
        }
    },
    "profile": {
        "label": "oauth2 client app 1"
        },
    "settings": {
      "oauthClient": {
        "client_uri": "http://localhost:8080",
        "logo_uri": "http://developer.okta.com/assets/images/logo-new.png",
        "redirect_uris": [
          "https://example.com/oauth2/callback",
          "myapp://callback"
        ],
        "response_types": [
          "token",
          "id_token",
          "code"
        ],
        "grant_types": [
          "implicit",
          "authorization_code"
        ],
        "application_type": "native",
        "participate_slo": false
      }
    }
}' "https://${yourOktaDomain}/api/v1/apps"

    -->

    Get application

    See Retrieve an Applications (opens new window) in the new Okta API reference portal (opens new window).

    List applications

    See List all Applications (opens new window) in the new Okta API reference portal (opens new window).

    Update application

    See Replace an Application (opens new window) in the new Okta API reference portal (opens new window).

    Delete application

    See Delete an Application (opens new window) in the new Okta API reference portal (opens new window).

    Update application policy

    The Application policy operation reference is now available at the new Okta API reference portal (opens new window) as the Application Policies API (opens new window).

    Application lifecycle operations

    The Application lifecycle operations reference is now available at the new Okta API reference portal (opens new window) as Activate an Application (opens new window) and Deactivate an Application (opens new window).

    Application user operations

    The Application user operations reference is now available at the new Okta API reference portal (opens new window) as the Application Users API (opens new window).

    Application group operations

    The Application group operations reference is now available at the new Okta API reference portal (opens new window) as the Application Groups API (opens new window).

    Application key store operations

    The application key store operations reference is now available at the new Okta API reference portal (opens new window) as the Application Key Credentials API (opens new window).

    Preview SAML metadata for application

    The Application SAML metadata preview reference is now available at the new Okta API reference portal (opens new window) as the Application SSO API (opens new window).

    Application client secret management operations

    The Application client secret management operations reference is now available at the new Okta API reference portal (opens new window) as the Application Client Auth Credentials API (opens new window).

    Application client JSON Web Key management operations

    The Application client JSON Web Key management operations reference is now available at the new Okta API reference portal (opens new window) as the Application Client Auth Credentials API (opens new window).

    Application OAuth 2.0 role assignment operations

    The Application OAuth 2.0 role assignment operations reference is now available at the new Okta API reference portal (opens new window) as the Client Role Assignments API (opens new window).

    The Application OAuth 2.0 scope consent grant operations reference is now available at the new Okta API reference portal (opens new window) as the Application Grants API (opens new window).

    Application OAuth 2.0 token operations

    The Application OAuth 2.0 token operations reference is now available at the new Okta API reference portal (opens new window) as the Application Tokens API (opens new window).

    Application logo operations

    The Application logo operations reference is now available at the new Okta API reference portal (opens new window) as the Application Logos API (opens new window).

    Application Provisioning Connection operations

    The Application provisioning connection operations reference is now available at the new Okta API reference portal (opens new window) as the Application Connections API (opens new window).

    Application Feature operations

    The Application Feature operations reference is now available at the new Okta API reference portal (opens new window) as the Application Features API (opens new window).

    Models

    Idp-Initiated Login object

    See Application - settings.oauthClient.idp_initiated_login (opens new window) in the new Okta API reference portal (opens new window).

    Refresh token object

    See Application - settings.oauthClient.refresh_token (opens new window) in the new Okta API reference portal (opens new window).

    Application object

    See Application object in the response (opens new window) in the new Okta API reference portal (opens new window).

    Application Credentials object

    See Application - credentials (opens new window) in the new Okta API reference portal (opens new window).

    Profile object

    See profile (opens new window) in the new Okta API reference portal (opens new window).

    Application User object

    See Application User (opens new window) in the new Okta API reference portal (opens new window).

    Application Group object

    See Application Group (opens new window) in the new Okta API reference portal (opens new window).

    Edit This Page On GitHub