API Documentation
<access-service>/api/v1/clientapps/{clientInfoId}

URL structure

https://access-service.xy-company.com/api/v1/clientapps/{clientInfoId}

where {clientInfoId} is the ID for the client application's configuration information.

Supported methods and overview

  • GET - used to retrieve information about a registered client application, based on this application's configuration information ID.
    Note: This ID value is not the client ID value.
  • PUT - used to modify the fields of a registered client application.
  • DELETE - used to delete a client application.

Note: The GET and DELETE methods take no parameters.

Detailed description

This API endpoint serves a number of purposes:

  • Retrieves a list of field information about the OAuth 2.0 configuration of a registered client application, using the client application's configuration information ID (i.e. not the client ID value).
    The configuration information ID of the required client application can be obatined by calling the GET method of the <access-service>/api/v1/clientapps API endpoint, which retrieves a list of field information for all client applications on the Covata Platform.
    Tip: All information returned in the response from a GET method call to this API endpoint is also returned in the response from a GET method call to the <access-service>/api/v1/clientapps endpoint. Therefore, there is no need to call the GET method on this API endpoint (if you do not already have the client application's configuration information ID).
  • Modifies the fields of a registered client application, using the client application's configuration information ID. Only certain fields are required/used based on the values specified for the authorizedGrantTypes field.
  • Deletes a registered client application from the Covata Platform. A Covata user account with the System administrator role would need to re-register this client application to allow it access to the Covata Platform's resources again.
    Note: This feature is not available in Covata Administration (i.e. through the 'Client Applications' configuration page).

Supported roles

This API endpoint supports the following Covata user roles (as described in the Covata Platform Administrator's Guide):

The Covata Platform's resources available to one of these Covata users (above) is determined by the access token passed in the header of requests to this endpoint.

Required headers

The appropriate access token as the Bearer token:

  • Authorization: Bearer a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6

The following header is required if the body of the request has a JSON object:

  • Content-Type: application/json

Optional parameters

The following optional parameters can also be sent in the body of the PUT request, each as individual members of a JSON object:

  • accessTokenValiditySeconds - .
  • appName - .
  • authorizedGrantTypes - password, authorization_code, refresh_token, implicit
  • clientId - .
  • clientSecret - .
  • refreshTokenValiditySeconds - .

  • registeredRedirectUris - .

    Example ():

Returns from a GET or PUT request

A JSON-formatted response containing the following members:

  • id - .
  • clientId - .
  • clientSecret - .
  • appName - .
  • authorizedGrantTypes - .
  • registeredRedirectUris - .
  • accessTokenValiditySeconds - .
  • refreshTokenValiditySeconds - .

  • enabled - .

    Example (response from ...):

Returns from a DELETE request

If the request succeeded, then an HTTP response status 200 OK is returned.