The POST /environments/{environmentId}/applications operation adds a new application resource to the specified environment.

In addition to the required name attribute, the request body also specifies a value of “true” for the enabled attribute. If a value is not specified for the enabled attribute, it is set to false by default.

Base application data model (worker application)

Property Required? Type
enabled Y Boolean
name Y String
description N String
type Y One of: NATIVE_APP, WEB_APP, SINGLE_PAGE_APP, SERVICE, WORKER, CUSTOM_APP
protocol Y One of: OPENID_CONNECT, SAML
homePageUrl N URL
loginPageUrl N URL
icon.id N UUID
icon.href N URL
assignActorRoles N Boolean
tags N Array, available values: PING_FED_CONNECTION_INTEGRATION
accessControl.role.type N One of: ADMIN_USERS_ONLY. For ADMIN_USERS_ONLY, users must have at least one role assigned in order to receive a token. When omitted, there is no role restriction.
accessControl.group.type N One of ALL_GROUPS, ANY_GROUP. For ALL_GROUPS, users must belong to all referenced groups, and for ANY_GROUP, users must belong to at least one referenced group. When omitted, there is no role restriction.
accessControl.group.groups N Array
accessControl.group.groups.id N UUID

Additional OIDC settings

Property Required? Type
grantTypes Y One or more of: AUTHORIZATION_CODE, IMPLICIT, REFRESH_TOKEN, CLIENT_CREDENTIALS
postLogoutRedirectUris Y One or more URLs
redirectUris Y One or more URLs`
responseTypes Y One or more of: TOKEN, ID_TOKEN, CODE
tokenEndpointAuthMethod Y One of: NONE, CLIENT_SECRET_BASIC, CLIENT_SECRET_POST
pkceEnforcement N One of: OPTIONAL, REQUIRED, S256_REQUIRED; default OPTIONAL
refreshTokenDuration N Integer (60 - {maxInt})
refreshTokenRollingDuration N Integer (60 - {maxInt})