Skip to main content

Get Application By ID

GET 
https://$CUSTOM-DOMAIN/management/v1/projects/:projectId/apps/:appId

Get an application of any type (OIDC, API, SAML)

Request​

Path Parameters

    projectId stringrequired
    appId stringrequired

Header Parameters

    x-zitadel-orgid string

    The default is always the organization of the requesting user. If you like to get/set a result of another organization include the header. Make sure the user has permission to access the requested data.

Responses​

A successful response.

Schema

    app

    object

    id string

    details

    object

    sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

    creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

    changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

    resourceOwner resource_owner is the organization an object belongs to (string)
    state string

    Possible values: [APP_STATE_UNSPECIFIED, APP_STATE_ACTIVE, APP_STATE_INACTIVE]

    Default value: APP_STATE_UNSPECIFIED

    current state of the application

    name string

    oidcConfig

    object

    redirectUris string[]

    Callback URI of the authorization request where the code or tokens will be sent to

    responseTypes string[]

    Possible values: [OIDC_RESPONSE_TYPE_CODE, OIDC_RESPONSE_TYPE_ID_TOKEN, OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN]

    Determines whether a code, id_token token or just id_token will be returned

    grantTypes string[]

    Possible values: [OIDC_GRANT_TYPE_AUTHORIZATION_CODE, OIDC_GRANT_TYPE_IMPLICIT, OIDC_GRANT_TYPE_REFRESH_TOKEN, OIDC_GRANT_TYPE_DEVICE_CODE, OIDC_GRANT_TYPE_TOKEN_EXCHANGE]

    The flow type the application uses to gain access

    appType string

    Possible values: [OIDC_APP_TYPE_WEB, OIDC_APP_TYPE_USER_AGENT, OIDC_APP_TYPE_NATIVE]

    Default value: OIDC_APP_TYPE_WEB

    determines the paradigm of the application

    clientId string

    generated oauth2/oidc client id

    authMethodType string

    Possible values: [OIDC_AUTH_METHOD_TYPE_BASIC, OIDC_AUTH_METHOD_TYPE_POST, OIDC_AUTH_METHOD_TYPE_NONE, OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT]

    Default value: OIDC_AUTH_METHOD_TYPE_BASIC

    defines how the application passes login credentials

    postLogoutRedirectUris string[]

    ZITADEL will redirect to this link after a successful logout

    version string

    Possible values: [OIDC_VERSION_1_0]

    Default value: OIDC_VERSION_1_0

    the OIDC version used by the application

    noneCompliant boolean

    specifies whether the config is OIDC compliant. A production configuration SHOULD be compliant

    complianceProblems

    object[]

    lists the problems for non-compliancy

  • Array [

    • key string
    localizedMessage string

  • ]

    • devMode boolean

    used for development

    accessTokenType string

    Possible values: [OIDC_TOKEN_TYPE_BEARER, OIDC_TOKEN_TYPE_JWT]

    Default value: OIDC_TOKEN_TYPE_BEARER

    type of the access token returned from ZITADEL

    accessTokenRoleAssertion boolean

    adds roles to the claims of the access token (only if type == JWT) even if they are not requested by scopes

    idTokenRoleAssertion boolean

    adds roles to the claims of the id token even if they are not requested by scopes

    idTokenUserinfoAssertion boolean

    claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the OIDC specification

    clockSkew string

    Used to compensate time difference of servers. Duration added to the "exp" claim and subtracted from "iat", "auth_time" and "nbf" claims

    additionalOrigins string[]

    additional origins (other than the redirect_uris) from where the API can be used

    allowedOrigins string[]

    all allowed origins from where the API can be used

    skipNativeAppSuccessPage boolean

    Skip the successful login page on native apps and directly redirect the user to the callback.

    backChannelLogoutUri string

    ZITADEL will use this URI to notify the application about terminated session according to the OIDC Back-Channel Logout (https://openid.net/specs/openid-connect-backchannel-1_0.html)

    loginVersion

    object

    Specify the preferred login UI, where the user is redirected to for authentication. If unset, the login UI is chosen by the instance default.

    loginV1 object

    loginV2

    object

    baseUri string

    Optionally specify a base uri of the login UI. If unspecified the default URI will be used.

    apiConfig

    object

    clientId string

    generated oauth2/oidc client_id

    authMethodType string

    Possible values: [API_AUTH_METHOD_TYPE_BASIC, API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT]

    Default value: API_AUTH_METHOD_TYPE_BASIC

    defines how the API passes the login credentials

    samlConfig

    object

    metadataXml byte
    metadataUrl string

    loginVersion

    object

    Specify the preferred login UI, where the user is redirected to for authentication. If unset, the login UI is chosen by the instance default.

    loginV1 object

    loginV2

    object

    baseUri string

    Optionally specify a base uri of the login UI. If unspecified the default URI will be used.

curl -L 'https://$CUSTOM-DOMAIN/management/v1/projects/:projectId/apps/:appId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'
Request Collapse all
Base URL
https://$CUSTOM-DOMAIN/management/v1
Auth
Parameters
— pathrequired
— pathrequired
— header
ResponseClear

Click the Send API Request button above and see the response here!