post /organizations/{org_name}/developers/{developer_email}/apps
Creates an app associated with a developer, associates the app with an API product, and auto-generates an API key for the app to use in calls to API proxies inside the API product.
The name is the unique ID of the app that you can use in Edge API calls. The DisplayName
(set with an attribute) is what appears in the Edge UI. If you don't provide a DisplayName
, the name is used.
The keyExpiresIn
property sets the expiration on the API key. If you don't set a value or set the value to -1
, the API key never expires.
Ensure optimal API product and app security
An organization-level property, features.keymanagement.disable.unbounded.permissions
, strengthens the security of API products in verifying API calls. When the property is set to true
, the following features are enforced.
-
App creation: When creating a developer or company app, the Edge API requires that the app be associated with an API product. (The Edge UI already enforces this.)
-
API product configuration: To create or update an API product, the API product must include at least one API proxy or a resource path in its definition.
-
Runtime security: API calls are rejected by an API product in the following situations:
-
An API product doesn't include at least one API proxy or resource path.
-
If the
flow.resource.name
variable in the message doesn't include a resource path that the API product can evaluate. -
If the app making the API call isn't associated with an API product.
-
Note: Setting this organization property requires system administrator privileges. Edge for Private Cloud system administrators can add this property when updating organization properties. If you are an Edge for Public Cloud user, contact Apigee Support to set the organization property.
HTTP request
Path Parameters
org_name (required) | Organization name. |
developer_email (required) | Email address for the developer. |
Request Body
Developer app details.
Example
Developer app request.
apiProducts | List of API products to which the app is associated (when creating or updating an app). The name of the API product is the name returned when you list API products. For example, if the Display Name of the API product in the Edge UI is | |||||
attributes | List of attributes used for customizing profile information or for app-specific processing. With Apigee Edge for Public Cloud, the custom attribute limit is 18. Note the folowing:
| |||||
Developer app attribute name and value.
| ||||||
callbackUrl | Callback URL used by OAuth 2.0 authorization servers to communicate authorization codes back to apps. See the OAuth 2.0 documentation for more details. | |||||
keyExpiresIn | Lifetime of the consumer key that will be generated for the developer app, in milliseconds. The default value, | |||||
name (required) | Name of the developer app. Required when creating a developer app; not required when updating a developer app. The name is used to uniquely identify the app for this organization and developer. Names must begin with an alphanumeric character and can contain letters, numbers, spaces, and the following characters: | |||||
scopes | Scopes to apply to the app. The specified scope names must already exist on the API product that you associate with the app. | |||||
status | Status of the credential. |
Response Types
201:
Created
Body
Example
Developer app details.
appFamily | Output only. App family. | |||||||||||||||||||||||
apiProducts | List of API products to which the app is associated (when creating or updating an app). The name of the API product is the name returned when you list API products. For example, if the Display Name of the API product in the Edge UI is | |||||||||||||||||||||||
appId | Output only. ID of the app. | |||||||||||||||||||||||
attributes | List of attributes used for customizing profile information or for app-specific processing. With Apigee Edge for Public Cloud, the custom attribute limit is 18. Note the folowing:
| |||||||||||||||||||||||
Developer app attribute name and value.
| ||||||||||||||||||||||||
callbackUrl | Callback URL used by OAuth 2.0 authorization servers to communicate authorization codes back to apps. See the OAuth 2.0 documentation for more details. | |||||||||||||||||||||||
createdAt | Output only. Time the app was created in milliseconds since epoch. | |||||||||||||||||||||||
createdBy | Output only. Email address of the developer that created the app. | |||||||||||||||||||||||
credentials | Output only. Set of credentials for the app. Credentials are API key/secret pairs associated with API products. | |||||||||||||||||||||||
| ||||||||||||||||||||||||
developerId | Output only. ID of the developer. | |||||||||||||||||||||||
keyExpiresIn | Lifetime of the consumer key that will be generated for the developer app, in milliseconds. The default value, | |||||||||||||||||||||||
lastModifiedAt | Output only. Last modified time as milliseconds since epoch. | |||||||||||||||||||||||
lastModifiedBy | Output only. Email of developer that last modified the app. | |||||||||||||||||||||||
name (required) | Name of the developer app. Required when creating a developer app; not required when updating a developer app. The name is used to uniquely identify the app for this organization and developer. Names must begin with an alphanumeric character and can contain letters, numbers, spaces, and the following characters: | |||||||||||||||||||||||
scopes | Scopes to apply to the app. The specified scope names must already exist on the API product that you associate with the app. | |||||||||||||||||||||||
status | Status of the credential. |
400:
Bad request