Administration External Applications API
Admin API for registering external applications and authorising them to access specific client/brand tenants.
Two-resource model
-
External applications (
/v1/admin/external-applications) — registry of OAuth2 applications that can call the platform. Each application is identified by itsoAuthAppId(the OAuth2 client ID) and a human-readableslug. Soft-deleted applications (deleted: true) remain in the registry but are no longer authorised. -
Client mappings (
/v1/admin/external-applications/{oAuthAppId}/clients) — the set of client/brand tenants a given application is authorised to access. APUTon/{oAuthAppId}/clients/{slug}grants access;DELETErevokes it (soft delete).
Authentication: ADMIN role required (OAuth2 client-credentials,
ADMIN scope).
Error envelope: { errorCode, message, timestamp, traceId } where
errorCode follows the pattern {DOMAIN}{CLASSIFICATION}{SEQUENCE}.
Authentication
- OAuth 2.0: OAuth2
| Security Scheme Type: | oauth2 |
|---|---|
| OAuth Flow (clientCredentials): | Scopes:
|