---
title: "OAuth Applications"
description: "REST endpoints for oauth applications. Bearer-auth required."
section: "API"
group: "REST"
order: 49
---

## POST /api/oauth-applications

Register a new OAuth application

**Request body**

```json
{
  "ownerOrgId": "string",
  "name": "string",
  "type": "web | native | public | user-agent-based",
  "redirectUrls": ["string"],
  "allowedScopes?": ["workspace:read | workspace:write"]
}
```

**Response**

```json
{
  "application": {
    "clientId": "<...>",
    "name": "<...>",
    "type": "<...>",
    "redirectUrls": "<...>",
    "ownerOrgId": "<...>",
    "allowedScopes": "<...>",
    "isFirstParty": "<...>",
    "disabled": "<...>",
    "createdAt": "<...>",
    "updatedAt": "<...>"
  },
  "clientSecret": "string"
}
```

## GET /api/oauth-applications/{id}

Get an OAuth application by ID.

**Path parameters**

- `id` (required): The OAuth `client_id` (acts as the SDK lookup key).

**Response**

```json
{
  "clientId": "string",
  "name": "string",
  "type": "web | native | public | user-agent-based",
  "redirectUrls": ["string"],
  "ownerOrgId": "string",
  "allowedScopes": ["workspace:read | workspace:write"],
  "isFirstParty": "boolean",
  "disabled": "boolean",
  "createdAt": "string",
  "updatedAt": "string"
}
```

## PATCH /api/oauth-applications/{id}

Update an OAuth application

**Path parameters**

- `id` (required):

**Request body**

```json
{
  "name?": "string",
  "redirectUrls?": ["string"],
  "allowedScopes?": ["workspace:read | workspace:write"]
}
```

**Response**

```json
{
  "clientId": "string",
  "name": "string",
  "type": "web | native | public | user-agent-based",
  "redirectUrls": ["string"],
  "ownerOrgId": "string",
  "allowedScopes": ["workspace:read | workspace:write"],
  "isFirstParty": "boolean",
  "disabled": "boolean",
  "createdAt": "string",
  "updatedAt": "string"
}
```

## DELETE /api/oauth-applications/{id}

Disable an OAuth application (soft)

**Path parameters**

- `id` (required):

**Response**

```json
{
  "success": "boolean"
}
```

## POST /api/oauth-applications/{id}/rotate-secret

Rotate an OAuth application's client_secret

**Path parameters**

- `id` (required):

**Response**

```json
{
  "application": {
    "clientId": "<...>",
    "name": "<...>",
    "type": "<...>",
    "redirectUrls": "<...>",
    "ownerOrgId": "<...>",
    "allowedScopes": "<...>",
    "isFirstParty": "<...>",
    "disabled": "<...>",
    "createdAt": "<...>",
    "updatedAt": "<...>"
  },
  "clientSecret": "string"
}
```