cb3aa4de10
* Improve deprecation messaging for Application#vapid_key * Format JSON examples in Instance methods * Remove vapid_key from Apps API examples, since this property is deprecated on Application entity * Add documentation for new OAuth 2.0 features added in 4.3.0 * Improve documentation for oauth-scopes * Update content/en/api/oauth-scopes.md Co-authored-by: Matt Jankowski <matt@jankowski.online> * Update content/en/api/oauth-scopes.md Co-authored-by: Matt Jankowski <matt@jankowski.online> * Update content/en/api/oauth-scopes.md Co-authored-by: Matt Jankowski <matt@jankowski.online> * Update content/en/api/oauth-scopes.md Co-authored-by: Matt Jankowski <matt@jankowski.online> * Add deprecated and removed shortcode labels * Use deprecated and removed shortcodes * Improve OAuth documentation * More OAuth documentation improvements * Correct streaming API documentation after 4.2.0 changes * Add note about improved Push Subscription API validation in 4.3.0 * Fix inconsistent OAuth label formatting * Add note that there is a relationship between Accounts and the Application used to create them * Add note that application registration endpoint also supports JSON bodies * Be consistent in the formatting of placeholder values for Bearer tokens * code review changes * Slight changes in wording * Add documentation for PKCE * Removal of crypto oauth scope * Cross-link authorization's scope with the OAuth Scopes documentation * Update content/en/methods/oauth.md * Update content/en/api/oauth-scopes.md --------- Co-authored-by: Matt Jankowski <matt@jankowski.online> Co-authored-by: David Roetzel <david@roetzel.de>
3.7 KiB
| title | description | menu | aliases | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Application | Represents an application that interfaces with the REST API to access accounts or post statuses. |
|
|
Example
{
"name": "Test Application",
"website": "https://app.example",
"scopes": ["read", "write", "push"],
"redirect_uri": "https://app.example/callback\nhttps://app.example/register",
"redirect_uris": [
"https://app.example/callback",
"https://app.example/register"
]
}
Attributes
name
Description: The name of your application.
Type: String
Version history:
0.9.9 - added
website {{%optional%}}
Description: The website associated with your application.
Type: {{}} String (URL)
Version history:
0.9.9 - added
3.5.1 - this property is now nullable
scopes
Description: The scopes for your application. This is the registered scopes string split on whitespace.
Type: Array of Strings
Version history:
4.3.0 - added
redirect_uris
Description: The registered redirection URI(s) for your application.
Type: Array of String (URLs or "urn:ietf:wg:oauth:2.0:oob" as values)
Version history:
4.3.0 - added
redirect_uri {{%deprecated%}}
Description: The registered redirection URI(s) for your application.
May contain \n characters when multiple redirect URIs are registered.
Type: String
Version history:
0.0.0 - added
4.3.0 - deprecated in favour of [redirect_uris]({{< relref "entities/Application#redirect_uris" >}}), since the value of this property is not a well-formed URI when multiple redirect URIs are registered
vapid_key {{%deprecated%}}
Description: Used for Push Streaming API. Returned with [POST /api/v1/apps]({{< relref "methods/apps#create" >}}). Equivalent to [WebPushSubscription#server_key]({{< relref "entities/WebPushSubscription#server_key" >}}) and [Instance#vapid_public_key]({{< relref "entities/Instance#vapid_public_key" >}})
Type: String
Version history:
2.8.0 - added
4.3.0 - deprecated pending removal, please see [api/v2/instance]({{< relref "methods/Instance#v2">}}) for this value (configuration.vapid.public_key)
CredentialApplication attributes
All Application attributes and the following:
client_id
Description: Client ID key, to be used for obtaining OAuth tokens
Type: String
Version history:
0.9.9 - added
4.3.0 - moved to CredentialApplication from Application
client_secret
Description: Client secret key, to be used for obtaining OAuth tokens
Type: String
Version history:
0.9.9 - added
4.3.0 - moved to CredentialApplication from Application
client_secret_expires_at
Description: When the client secret key will expire at, presently this always returns 0 indicating that OAuth Clients do not expire
Type: String
Version history:
4.3.0 - added
See also
{{< page-relref ref="methods/apps" caption="apps API methods" >}}
{{< page-relref ref="entities/Status#application" caption="Status (application attribute)" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/application_serializer.rb" caption="app/serializers/rest/application_serializer.rb" >}}
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/serializers/rest/credential_application_serializer.rb" caption="app/serializers/rest/credential_application_serializer.rb" >}}