
title | description | menu | aliases
---|---|---|---
apps API methods | Register client applications that can be used to obtain OAuth tokens. | |
Create an application
POST /api/v1/apps HTTP/1.1
Create a new application to obtain OAuth2 credentials.
Returns: [Application]({{< relref "entities/Application" >}})
OAuth: Public
Version history:
0.0.0 - added
2.7.2 - now returns vapid_key
Request
Form data parameters
- client_name
- {{}} String. A name for your application
- redirect_uris
- {{}} String. Where the user should be redirected after authorization. To display the authorization code to the user instead of redirecting to a web page, use `urn:ietf:wg:oauth:2.0:oob` in this parameter.
- scopes
- String. Space separated list of scopes. If none is provided, defaults to `read`. See [OAuth Scopes]({{< relref "api/oauth-scopes" >}}) for a list of possible scopes.
- website
- String. A URL to the homepage of your app
Response
200: OK
Store the `client_id` and `client_secret` in your cache, as these will be used to obtain OAuth tokens.
{
"id": "563419",
"name": "test app",
"website": null,
"redirect_uri": "urn:ietf:wg:oauth:2.0:oob",
"client_id": "TWhM-tNSuncnqN7DBJmoyeLnk6K3iJJ71KKXxgL1hPM",
"client_secret": "ZEaFUFmF0umgBX1qKJDjaU99Q31lDkOU8NutzTOoliw",
"vapid_key": "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M="
}
422: Unprocessable entity
If a required parameter is missing or improperly formatted, the request will fail.
{
"error": "Validation failed: Redirect URI must be an absolute URI."
}
Verify your app works
GET /api/v1/apps/verify_credentials HTTP/1.1
Confirm that the app's OAuth2 credentials work.
Returns: [Application]({{< relref "entities/application" >}}), but without `client_id` or `client_secret`
OAuth level: App token
Version history:
2.0.0 - added
2.7.2 - now returns vapid_key
Request
Headers
- Authorization
- {{}} Provide this header with `Bearer <user token>` to gain authorized access to this API method.
Response
200: OK
If the Authorization header was provided with a valid token, you should see your app returned as an Application entity.
{
"name": "test app",
"website": null,
"vapid_key": "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M="
}
401: Unauthorized
If the Authorization header contains an invalid token, is malformed, or is not present, an error will be returned indicating an authorization failure.
{
"error": "The access token is invalid"
}
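An added example, not part of the Mastodon documentation or code base, of a client for the two methods above: it builds the registration and verification requests, rejects a non-absolute redirect URI before the server would answer 422, and separates `client_id` and `client_secret` from the fields that are safe to log. The host name `mastodon.example`, the function names and the sample response values are assumptions made for illustration.

```python
import json
from urllib.error import HTTPError
from urllib.parse import urlencode, urlsplit
from urllib.request import Request, urlopen

OOB = "urn:ietf:wg:oauth:2.0:oob"  # shows the code to the user instead of redirecting
CREDENTIAL_FIELDS = ("client_id", "client_secret")

def build_app_request(instance, client_name, redirect_uris=OOB, scopes="read", website=None):
    """Build POST /api/v1/apps (not sent). `instance` is a hypothetical host name."""
    if not client_name:
        raise ValueError("client_name is required")
    # The server answers 422 for a non-absolute redirect URI; fail before sending.
    if not urlsplit(redirect_uris).scheme:
        raise ValueError("redirect_uris must be an absolute URI")
    form = {"client_name": client_name, "redirect_uris": redirect_uris, "scopes": scopes}
    if website:
        form["website"] = website
    return Request(f"https://{instance}/api/v1/apps", data=urlencode(form).encode(), method="POST")

def build_verify_request(instance, token):
    """Build GET /api/v1/apps/verify_credentials with the Bearer token header."""
    return Request(f"https://{instance}/api/v1/apps/verify_credentials",
                   headers={"Authorization": f"Bearer {token}"})

def send(request):
    """Send a request; return (status, body), including error statuses such as 401 or 422."""
    try:
        with urlopen(request, timeout=10) as resp:
            return resp.status, resp.read()
    except HTTPError as err:
        return err.code, err.read()

def parse_app_response(status, body):
    """Split an Application entity into (credentials to store, loggable fields)."""
    doc = json.loads(body)
    if status != 200:
        raise RuntimeError(doc.get("error", f"HTTP {status}"))
    creds = {k: doc[k] for k in CREDENTIAL_FIELDS if k in doc}
    public = {k: v for k, v in doc.items() if k not in CREDENTIAL_FIELDS}
    return creds, public

if __name__ == "__main__":
    # Constructed sample response; the credential values are placeholders.
    sample = json.dumps({"id": "1", "name": "test app", "website": None,
                         "redirect_uri": OOB, "client_id": "PLACEHOLDER_ID",
                         "client_secret": "PLACEHOLDER_SECRET"})
    creds, public = parse_app_response(200, sample)
    print("store securely:", sorted(creds), "| safe to log:", public)
```

Against a real instance, pass the result of `build_app_request(...)` to `send(...)` and feed the returned status and body to `parse_app_response(...)`.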
See also
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/apps_controller.rb" caption="app/controllers/api/v1/apps_controller.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/apps/credentials_controller.rb" caption="app/controllers/api/v1/apps/credentials_controller.rb" >}}