Create OAuth Application
Register a new OAuth 2.0 application for an organization.
Endpoint
POST /api/v1/organizations/{org_id}/oauth-applications
Headers
| Header | Required | Description |
|---|---|---|
| Authorization | Yes | Bearer <access_token> |
| Content-Type | Yes | application/json |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| org_id | integer | Yes | Organization ID |
Request Body
{
  "name": "My OAuth App",
  "description": "Application description",
  "grant_types": ["authorization_code", "client_credentials"],
  "redirect_uris": [
    "https://myapp.com/callback",
    "https://myapp.com/oauth/callback"
  ],
  "scopes": ["read", "write"],
  "access_level": "organization"
}
Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| name | string | Yes | Application name |
| description | string | No | Application description |
| grant_types | array | Yes | Grant types: authorization_code, client_credentials |
| redirect_uris | array | Yes | Allowed redirect URIs |
| scopes | array | Yes | Organization-scoped scopes |
| access_level | string | No | Access level: organization (default) |
Response
Success (201)
{
  "success": true,
  "data": {
    "id": 1,
    "name": "My OAuth App",
    "description": "Application description",
    "client_id": "550e8400-e29b-41d4-a716-446655440000",
    "client_secret": "secret_abc123...",
    "grant_types": ["authorization_code", "client_credentials"],
    "redirect_uris": [
      "https://myapp.com/callback",
      "https://myapp.com/oauth/callback"
    ],
    "scopes": ["read", "write"],
    "access_level": "organization",
    "status": "active",
    "created_at": "2024-01-01T12:00:00Z",
    "message": "OAuth application created successfully"
  },
  "message": "OAuth application created successfully"
}
Error (400)
{
  "success": false,
  "error": {
    "code": "application_exists",
    "message": "Application with this name already exists"
  }
}
Features
- Auto-generates client_id (UUID) and client_secret
- Client secret is shown only once at creation
- Supports multiple grant types
- Supports multiple redirect URIs
- Organization-scoped scopes
- Only accessible by organization admins
Important Notes
WARNING: Save the client_secret immediately after creation. It won't be shown again!
Example
curl -X POST "https://api.rivergen.com/api/v1/organizations/1/oauth-applications" \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My OAuth App",
    "description": "Application description",
    "grant_types": ["authorization_code"],
    "redirect_uris": ["https://myapp.com/callback"],
    "scopes": ["read", "write"]
  }'
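Because the client_secret is returned only once, the caller has to capture it safely on the first response. The following is an added example, not code from this API's documentation: it pre-checks a request body against the fields documented above and writes the returned credentials to an owner-only file. The function names `check_payload` and `store_secret`, the output file, and the redirect URI policy (absolute https, no wildcard, no fragment) are assumptions of this example, not documented server behaviour.

```python
import json
import os
from urllib.parse import urlsplit

# Grant types listed in the Parameters table on this page.
ALLOWED_GRANTS = {"authorization_code", "client_credentials"}

def check_payload(payload):
    """Return a list of problems found in a create-application request body."""
    problems = []
    for field in ("name", "grant_types", "redirect_uris", "scopes"):
        if not payload.get(field):
            problems.append(f"missing required field: {field}")
    for grant in payload.get("grant_types", []):
        if grant not in ALLOWED_GRANTS:
            problems.append(f"unsupported grant type: {grant}")
    for uri in payload.get("redirect_uris", []):
        parts = urlsplit(uri)
        # Local policy (assumption, not documented server behaviour):
        # absolute https only, no wildcard, no fragment (RFC 6749 s3.1.2).
        if parts.scheme != "https" or not parts.hostname:
            problems.append(f"redirect URI is not absolute https: {uri}")
        if parts.fragment or "*" in uri:
            problems.append(f"redirect URI has a fragment or wildcard: {uri}")
    return problems

def store_secret(response_body, path):
    """Save the one-time client_secret to a new owner-only file.

    Returns a copy of the response that is safe to print or log.
    """
    data = response_body["data"]
    creds = {"client_id": data["client_id"], "client_secret": data["client_secret"]}
    # O_EXCL refuses to overwrite an existing file; 0o600 is set at creation,
    # so the secret is never readable by group or other.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(creds, fh)
    redacted = json.loads(json.dumps(response_body))  # deep copy via JSON
    redacted["data"]["client_secret"] = "[REDACTED]"
    return redacted

if __name__ == "__main__":
    import tempfile
    # Constructed sample mirroring the 201 response shown on this page.
    sample = {"success": True, "data": {
        "id": 1, "client_id": "550e8400-e29b-41d4-a716-446655440000",
        "client_secret": "secret_constructed_example"}}
    out = os.path.join(tempfile.mkdtemp(), "oauth_app.json")
    print(store_secret(sample, out)["data"], "->", out)
```

Run `check_payload` before sending the POST and pass the parsed 201 body to `store_secret`; only the redacted copy should reach terminals, CI logs, or tickets.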
Related Endpoints
- List Applications - List all applications
- Get Application - Get application details