Applications

Create application

post /api/http/applications

Creates a new application. Marketplace application cannot be installed using this endpoint.

To create a multi-org application ( and connect application server to the current Space instance ) , pass connectToSpace = true. Learn more about multi-org applications in the documentation.

Required permissions: Create applications

Request arguments

object with fields:

name: string ( Required )
Displayed application name
description: string ( Nullable and Optional , defaults to null)
Description of the application ' s purpose
pictureAttachmentId: string ( Nullable and Optional , defaults to null)
Identifier of an image attachment. You can get image attachment id by uploading an image, see Create upload URL.
defaultExternalPicture: string ( Nullable and Optional , defaults to null)
URL of an image to be used as the application icon
email: string ( Nullable and Optional , defaults to null)
Email used during Git commit verification. Can only be specified at application creation.
clientId: string ( Nullable and Optional , defaults to null)
clientId is generated automatically if this parameter is omitted. Application ' s clientId is returned in response
clientSecret: string ( Nullable and Optional , defaults to null)
clientSecret is generated automatically if this parameter is omitted. Application's clientSecret can be retrieved through Get Client Secret endpoint.
clientCredentialsFlowEnabled: boolean ( Nullable and Optional , defaults to true)
Client Credentials flow is enabled by default. Pass false if the application only uses other flows.
codeFlowEnabled: boolean ( Nullable and Optional , defaults to false)
Pass true to enable Authorization Code Flow for the application. Learn more in the documentation.
codeFlowRedirectURIs: string ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies redirect URIs that can be used in the flow. Learn more in the documentation.
pkceRequired: boolean ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies whether PKCE extension must be used. Learn more in the documentation.
publicClientsAllowed: boolean ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies whether clients can authenticate without client secret. Requires PKCE. Learn more in the documentation.
implicitFlowEnabled: boolean ( Nullable and Optional , defaults to false)
Deprecated since 2022-11-30: Implicit flow deprecated as not secure. Not available for new applications. Please use Authorization Code Flow with PKCE instead.. It will be removed in a future version.
implicitFlowRedirectURIs: string ( Nullable and Optional , defaults to null)
Deprecated since 2022-11-30: Implicit flow deprecated as not secure. Not available for new applications. Please use Authorization Code Flow with PKCE instead.. It will be removed in a future version.
endpointUri: string ( Nullable and Optional , defaults to null)
Space will send payloads ( for example, InitPayload) to application using this URL.
This is also a default URL for webhook requests (WebhookRequestPayload) . The URL for webhook requests can be redefined for each webhook.
endpointSslVerification: boolean ( Nullable and Optional , defaults to null)
SSL verification is turned on by default for connections that are established with application endpoint. Passing false will turn the verification off.
appLevelAuth: EndpointAuthCreate ( Nullable and Optional , defaults to null)
Type of authentication used by application server to make sure that payloads coming from Space are authentic.
Payloads from Space contain serverUrl property : the URL of the Space server sending the request. Authenticating the request ( making sure it indeed comes from the referenced Space server ) is essential to prevent fraudulent actions with your application.
sslKeystoreAuth: string ( Nullable and Optional , defaults to null)
Name of the SSL Keystore to be used when sending payloads to the application. You can create an SSL Keystore in Administration - > SSL Keystores.
hasSigningKey: boolean ( Nullable and Optional , defaults to null)
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
hasPublicKeySignature: boolean ( Nullable and Optional , defaults to null)
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
basicAuthUsername: string ( Nullable and Optional , defaults to null)
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
basicAuthPassword: string ( Nullable and Optional , defaults to null)
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
bearerAuthToken: string ( Nullable and Optional , defaults to null)
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
connectToSpace: boolean ( Nullable and Optional , defaults to false)
Pass true to create a multi-org application and connect application server to the current Space instance. Learn more in the documentation.
state: string ( Nullable and Optional , defaults to null)
When passing connectToSpace = true, Space will send InitPayload to the application endpoint. The state value is passed in that InitPayload. Use this to perform multi-step application installation.

Response
`ES_App`

Set error message

post /api/http/applications/error-message

Provide error message to display on application page in Space UI. Provide null message to remove it.

Request arguments

object with fields:

message: string ( Nullable and Optional , defaults to null)

Response
No arguments

Report application as healthy

post /api/http/applications/report-application-as-healthy

Application may periodically call this api method to notify Space that it is functioning properly. This is mandatory for applications that connect external issue trackers.

Request arguments
No arguments

Response
No arguments

Force-remove application

post /api/http/applications/{application}/force-remove

Removes the application that has previously failed to respond with code 200 to ApplicationUninstalledPayload request, without sending additional ApplicationUninstalledPayload requests. The application is archived and its access terminated.

Required permissions: Delete applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Identifier of the application to force-remove

Response
No arguments

Restore application

post /api/http/applications/{application}/restore

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
No arguments

Get all applications

get /api/http/applications/paged

Required permissions: View applications

Request arguments
`$skip`: `string` (Query) ( Nullable and Optional , defaults to `null`)
`$top`: `integer` (format: int32) (Query) ( Nullable and Optional , defaults to `100`)
`name`: `string` (Query) ( Nullable and Optional , defaults to `null`)
`owner`: array of `ProfileIdentifier` (Query) ( Nullable and Optional , defaults to `null`)
`withArchived`: `boolean` (Query) ( Nullable and Optional , defaults to `false`)
`withManaged`: `boolean` (Query) ( Nullable and Optional , defaults to `true`)
`ordering`: `AppsOrdering` (Query) ( Nullable and Optional , defaults to `null`)

Response

object with fields:

next: string ( Required )
totalCount: integer (format: int32) ( Nullable and Optional , defaults to null)
data: array of ES_App ( Required )

Get application

get /api/http/applications/{application}

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`ES_App`

Update application

patch /api/http/applications/{application}

Update existing application. Multi-org applications ( created with the parameter connectToSpace = true or installed from JetBrains Marketplace ) can only be updated by the application itself. Learn more about multi-org applications in the documentation.

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

The application that needs to be updated

object with fields:

name: string ( Optional )
Displayed application name
description: string ( Optional )
Description of the application ' s purpose
pictureAttachmentId: string ( Nullable and Optional )
Identifier of an image attachment. You can get image attachment id by uploading an image, see Create upload URL.
defaultExternalPicture: string ( Nullable and Optional )
URL of an image to be used as the application icon
clientSecret: string ( Optional )
Pass this parameter to update application's client secret. The client secret can be retrieved through Get Client Secret endpoint.
clientCredentialsFlowEnabled: boolean ( Optional )
Client Credentials Flow is enabled by default. Disable the flow if the application only uses other flows.
codeFlowEnabled: boolean ( Optional )
Authorization Code Flow is disabled by default. Pass true to enable Authorization Code Flow for the application. Learn more in the documentation.
codeFlowRedirectURIs: string ( Nullable and Optional )
When Authorization Code Flow is enabled, specifies redirect URIs that can be used in the flow. Learn more in the documentation.
pkceRequired: boolean ( Optional )
When Authorization Code Flow is enabled, specifies whether PKCE extension must be used. Learn more in the documentation.
publicClientsAllowed: boolean ( Optional )
When Authorization Code Flow is enabled, specifies whether clients can authenticate without client secret. Requires PKCE. Learn more in the documentation.
implicitFlowEnabled: boolean ( Optional )
Deprecated since 2022-12-06: Implicit flow deprecated as not secure. Not available for new applications. Please use Authorization Code Flow with PKCE instead.. It will be removed in a future version.
implicitFlowRedirectURIs: string ( Nullable and Optional )
Deprecated since 2022-12-06: Implicit flow deprecated as not secure. Not available for new applications. Please use Authorization Code Flow with PKCE instead.. It will be removed in a future version.
endpointUri: string ( Nullable and Optional )
Space will send payloads ( for example, MessagePayload) to application using this URL.
This is also a default URL for webhook requests (WebhookRequestPayload) . The URL for webhook requests can be redefined for each webhook.
endpointSslVerification: boolean ( Optional )
SSL verification is turned on by default for connections that are established with application endpoint. Passing false will turn the verification off.
hasVerificationToken: boolean ( Optional )
Deprecated since 2021-09-02: VerificationToken is an obsolete auth method - use it to turn it off. It will be removed in a future version.
hasPublicKeySignature: boolean ( Optional )
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
hasSigningKey: boolean ( Optional )
Deprecated since 2021-09-02: Use appLevelAuth instead. It will be removed in a future version.
appLevelAuth: EndpointAppLevelAuthUpdateType ( Optional )
Type of authentication used by application server to make sure that payloads coming from Space are authentic.
Payloads from Space contain serverUrl property : the URL of the Space server sending the request. Authenticating the request ( making sure it indeed comes from the referenced Space server ) is essential to prevent fraudulent actions with your application.
sslKeystoreAuth: string ( Nullable and Optional )
Name of the SSL Keystore to be used when sending payloads to the application. You can create an SSL Keystore in Administration - > SSL Keystores.
basicAuthUsername: string ( Optional )
Deprecated since 2022-12-06: Use appLevelAuth instead. It will be removed in a future version.
basicAuthPassword: string ( Optional )
Deprecated since 2022-12-06: Use appLevelAuth instead. It will be removed in a future version.
bearerAuthToken: string ( Optional )
Deprecated since 2022-12-06: Use appLevelAuth instead. It will be removed in a future version.

Response
`ES_App`

Delete application

delete /api/http/applications/{application}

Removes specified application. If the application is connected ( installed from Marketplace or through an install link ) , Space sends ApplicationUninstalledPayload to the application ' s server. The application is only actually deleted when the application server responds or when the ApplicationUninstalledPayload request times out multiple times.

This API method does not wait until the ApplicationUninstalledPayload request is finished and instead returns immediately. Consequently, the application may still be active right after this API method call.

If sending ApplicationUninstalledPayload has failed at least one time, a user may choose to force-remove the application. In this case the access for the application is terminated and it can no longer make requests.

Required permissions: Delete applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Identifier of the application to remove

Response
No arguments

Bearer token

get /api/http/applications/{application}/bearer-token

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method.
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`string`

Get last client credentials access info

get /api/http/applications/{application}/last-client-credentials-access

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`AccessRecord`

Public keys

get /api/http/applications/{application}/public-keys

Returns list of public keys in JWKS format. If message signature is successfully verified with any of the returned public keys, the message can be considered authentic.

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`string`

Set ui extensions

patch /api/http/applications/ui-extensions

Set UI extensions supported by the calling application in specified context. Only the application itself can set its extensions.

Request arguments

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )
extensions: array of AppUiExtensionIn ( Required )

Response
No arguments

Get applications authorized in context

get /api/http/applications/authorizations/authorized-applications

List applications authorized in specified context

Required permissions: View applications

Request arguments

contextIdentifier: string in one of the formats

channel: string
global
packageRepository: string
project: ProjectIdentifier

(Query) ( Required )

Response
array of `ES_App`

Get all parameters

get /api/http/applications/parameters

Return all application parameters. Only accessible with an app token, not a user token.

Request arguments
No arguments

Response
array of `AppParameter`

Get parameter

get /api/http/applications/parameters/{key}

Get application parameter by key. Only accessible with an app token, not a user token.

Request arguments
`key`: `string` (Path) ( Required )

Response
`string`

Set parameter

patch /api/http/applications/parameters/{key}

Set application parameter by key. Only accessible with an app token, not a user token. There is a limit of 100 app parameters per app. The key cannot be longer than 64 characters. The value cannot be longer than 1000 characters.

Request arguments

key: string (Path) ( Required )

object with fields:

value: string ( Required )

Response
No arguments

Remove parameter

delete /api/http/applications/parameters/{key}

Remove application parameter by key. Only accessible with an app token, not a user token.

Request arguments
`key`: `string` (Path) ( Required )

Response
No arguments

Get all profile parameters

get /api/http/applications/parameters/profile

Return all profile parameters, profile and application are derived from the access token. Only accessible with a user token, issued to an application.

Request arguments
No arguments

Response
array of `AppParameter`

Get profile parameter

get /api/http/applications/parameters/profile/{key}

Get profile parameter by key, profile and application are derived from the access token. Only accessible with a user token, issued to an application.

Request arguments
`key`: `string` (Path) ( Required )

Response
`string`

Set profile parameter

patch /api/http/applications/parameters/profile/{key}

Set profile parameter by key, profile and application are derived from the access token. Only accessible with a user token, issued to an application. There is a limit of 100 app parameters per app per profile. The key cannot be longer than 64 characters. The value cannot be longer than 1000 characters.

Request arguments

key: string (Path) ( Required )

object with fields:

value: string ( Required )

Response
No arguments

Remove profile parameter

delete /api/http/applications/parameters/profile/{key}

Remove profile parameter by key, profile and application are derived from the access token. Only accessible with a user token, issued to an application.

Request arguments
`key`: `string` (Path) ( Required )

Response
No arguments

Update unfurled domains

patch /api/http/applications/unfurls/domains

Update list of domains for unfurling by the application. Method is to be called by the application providing unfurls.

Required permissions: Update applications

Request arguments

object with fields:

domains: array of string ( Required )

Response
No arguments

Update unfurled patterns

patch /api/http/applications/unfurls/patterns

Update list of external ID prefixes for unfurling by the application. Method is to be called by the application providing unfurls.

Required permissions: Update applications

Request arguments

object with fields:

patterns: array of ApplicationUnfurlPatternRequest ( Required )

Response
No arguments

Post unfurls content

post /api/http/applications/unfurls/queue/content

Provide Space with unfurls content. Method is to be called by the application providing unfurls.

Required permissions: Provide external unfurls as attachments

Request arguments

object with fields:

unfurls: array of ApplicationUnfurl ( Required )

Response
array of `PostUnfurlContentResult`

Request external system authentication

post /api/http/applications/unfurls/queue/request-external-auth

Request user to authenticate in external system to provide unfurls from it. Method is to be called by the application providing unfurls.

Required permissions: Provide external unfurls as attachments

Request arguments

object with fields:

queueItemId: string ( Required )
message: ApplicationUnfurlContent.Message ( Required )

Response
No arguments

Clear external system authentication requests

post /api/http/applications/unfurls/queue/reset-external-auth-requests

Clear all external system authentication requests for the specified user. Method is to be called by the application providing unfurls.

Required permissions: Provide external unfurls as attachments

Request arguments

object with fields:

userId: ProfileIdentifier ( Required )

Response
No arguments

Get unfurl queue items

get /api/http/applications/unfurls/queue

Get links for unfurling by the application. Method is to be called by the application providing unfurls.

Required permissions: Provide external unfurls as attachments

Request arguments
`fromEtag`: `integer` (format: int64) (Query) ( Nullable and Optional , defaults to `null`)
`batchSize`: `integer` (format: int32) (Query) ( Required )

Response
array of `ApplicationUnfurlQueueItem`

Get all authorized contexts

get /api/http/applications/{application}/authorizations/authorized-contexts

List authorized contexts of an application

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `PermissionContextApi`

Get all authorized rights

get /api/http/applications/{application}/authorizations/authorized-rights

List authorized rights of an application in specified context

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

contextIdentifier: string in one of the formats

channel: string
global
packageRepository: string
project: ProjectIdentifier

(Query) ( Required )

Response
array of `RightDTO`

Update authorized right

patch /api/http/applications/{application}/authorizations/authorized-rights

Generic method for editing authorized right status in given context.

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )
updates: array of RightUpdateDTO ( Required )
actor: PrincipalIn ( Nullable and Optional , defaults to null)
comment: string ( Nullable and Optional , defaults to null)

Response
No arguments

Delete authorized right

delete /api/http/applications/{application}/authorizations/authorized-rights

Remove application authorization in specified context

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

contextIdentifier: string in one of the formats

channel: string
global
packageRepository: string
project: ProjectIdentifier

(Query) ( Required )

Response
No arguments

Request rights

patch /api/http/applications/{application}/authorizations/authorized-rights/request-rights

Request rights for an application in specified context

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )
rightCodes: array of PermissionIdentifier ( Required )
actor: PrincipalIn ( Nullable and Optional , defaults to null)
comment: string ( Nullable and Optional , defaults to null)

Response
No arguments

Get all required rights

get /api/http/applications/{application}/authorizations/required-rights

List required rights for an application

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `RightDTO`

Update required right

patch /api/http/applications/{application}/authorizations/required-rights

Update list of required rights for an application

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

rightCodesToAdd: array of PermissionIdentifier ( Required )
rightCodesToRemove: array of PermissionIdentifier ( Required )
requestRightsInAuthorizedContexts: boolean ( Required )

Response
No arguments

Regenerate app secret

post /api/http/applications/{application}/client-secret/regenerate

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
No arguments

Get client secret

get /api/http/applications/{application}/client-secret

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`string`

Add gpg key

post /api/http/applications/{application}/gpg-keys

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

publicKey: string ( Required )
comment: string ( Optional , defaults to "")

Response
`GpgKeyData`

Get gpg keys

get /api/http/applications/{application}/gpg-keys

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `GpgKeyData`

Revoke gpg key

patch /api/http/applications/{application}/gpg-keys/{fingerprint}

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

fingerprint: string (Path) ( Required )

object with fields:

comment: string ( Optional , defaults to "")

Response
No arguments

Delete gpg key

delete /api/http/applications/{application}/gpg-keys/{fingerprint}

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

fingerprint: string (Path) ( Required )

Response
No arguments

Create permanent token

post /api/http/applications/{application}/permanent-tokens

Create a permanent token for the given application that can be used to access the current organization

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

name: string ( Required )
scope: string ( Required )
expires: string (format: date-time) ( Nullable and Optional , defaults to null)

Response

object with fields:

first: ES_ApplicationPermanentToken ( Required )
second: string ( Required )

Get all permanent tokens

get /api/http/applications/{application}/permanent-tokens

Get permanent tokens used to access the current organization by the given application

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

$skip: string (Query) ( Nullable and Optional , defaults to null)

$top: integer (format: int32) (Query) ( Nullable and Optional , defaults to 100)

Response

object with fields:

next: string ( Required )
totalCount: integer (format: int32) ( Nullable and Optional , defaults to null)
data: array of ES_ApplicationPermanentToken ( Required )

Update permanent token

patch /api/http/applications/{application}/permanent-tokens/{tokenId}

Update an existing personal token used to access the current organization. The permanent token ' s name and/or scope can be updated.

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

tokenId: string (Path) ( Required )

object with fields:

name: string ( Nullable and Optional , defaults to null)
scope: string ( Nullable and Optional , defaults to null)
expires: string (format: date-time) ( Nullable and Optional )

Response
No arguments

Delete permanent token

delete /api/http/applications/{application}/permanent-tokens/{tokenId}

Delete a personal token used to access the current organization

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

tokenId: string (Path) ( Required )

Response
No arguments

Delete current permanent token

delete /api/http/applications/{application}/permanent-tokens/current

Delete personal token of the given application

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
No arguments

Regenerate signing key

post /api/http/applications/{application}/signing-key/regenerate

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
No arguments

Get signing key

get /api/http/applications/{application}/signing-key

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`string`

Add ssh key

post /api/http/applications/{application}/ssh-keys

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

publicKey: string ( Required )
comment: string ( Required )

Response
No arguments

Get ssh keys

get /api/http/applications/{application}/ssh-keys

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `SshKeyData`

Delete ssh key

delete /api/http/applications/{application}/ssh-keys/{fingerprint}

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

fingerprint: string (Path) ( Required )

Response
No arguments

Get ui extensions

get /api/http/applications/{application}/ui-extensions

Get UI extensions supported by the application in specified context. Omit contextIdentifier to get UI extensions in all contexts

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

contextIdentifier: string in one of the formats

channel: string
global
packageRepository: string
project: ProjectIdentifier

(Query) ( Required )

Response
array of `AppUiExtensionApi`

Disable application ui

patch /api/http/applications/{application}/ui-extensions/disable-for-everybody

Disable application UI for everybody in specified context. Requires Superadmin right for global context, AdminProject for project context, AdminChannel for channel context. Users will still be able to enable application UI individually.

Required permissions: View applications, Grant permissions to other members, Manage project permission scheme, Manage channels

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )

Response
No arguments

Disable application ui for me

patch /api/http/applications/{application}/ui-extensions/disable-for-me

Disable application UI in specified context for the current user

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )

Response
No arguments

Enable application ui

patch /api/http/applications/{application}/ui-extensions/enable-for-everybody

Enable application UI for everybody in specified context. Requires Superadmin right for global context, AdminProject for project context, AdminChannel for channel context. Users will still be able to disable application UI individually.

Required permissions: View applications, Grant permissions to other members, Manage project permission scheme, Manage channels

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )

Response
No arguments

Enable application ui for me

patch /api/http/applications/{application}/ui-extensions/enable-for-me

Enable application UI in specified context for the current user

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

contextIdentifier: PermissionContextIdentifier ( Required )

Response
No arguments

Authorize unfurled domains

post /api/http/applications/{application}/unfurl-domains/authorize

Authorize domains for unfurling by the application

Required permissions: Authorize domains and patterns for app-powered previews

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

domains: array of string ( Required )
List of domains to approve or reject providing link previews for
approve: boolean ( Required )
True for approving or false for denying link previews for the provided list of domains

Response
No arguments

Get all unfurl domains

get /api/http/applications/{application}/unfurl-domains

List domains for unfurling by the application

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `ApplicationUnfurlDomain`

Authorize unfurled patterns

post /api/http/applications/{application}/unfurl-patterns/authorize

Authorize patterns for unfurling by the application

Required permissions: Authorize domains and patterns for app-powered previews

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

patterns: array of string ( Required )
List of external ID prefixes to approve or reject providing link previews for
approve: boolean ( Required )
True for approving or false for denying link previews for the provided list of external ID prefixes

Response
No arguments

Get all unfurl patterns

get /api/http/applications/{application}/unfurl-patterns

List patterns for unfurling by the application

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
array of `ApplicationUnfurlPattern`

Regenerate verification token

post /api/http/applications/{application}/verification-token/regenerate

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
No arguments

Get verification token

get /api/http/applications/{application}/verification-token

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

Response
`string`

Create webhook

post /api/http/applications/{application}/webhooks

Create application webhook

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

object with fields:

name: string ( Required )
description: string ( Nullable and Optional , defaults to null)
endpoint: EndpointCreateDTO ( Nullable and Optional , defaults to null)
endpointAuth: EndpointAuthCreateDTO ( Nullable and Optional , defaults to null)
enabled: boolean ( Optional , defaults to true)
acceptedHttpResponseCodes: array of integer (format: int32) ( Optional , defaults to [])
List of HTTP status codes outside 2xx range to be treated as successful ones by Space, when returned by the application server
doRetries: boolean ( Optional , defaults to true)
payloadFields: string ( Nullable and Optional , defaults to null)
payloadTemplate: string ( Nullable and Optional , defaults to null)
Experimental . This parameter is experimental and its behavior may be changed or removed in future versions
Alternatively to payloadFields, you can specify payloadTemplate parameter. This is a free-form template for HTTP body. You can use variables in the template, which will be replaced with actual values when the webhook is triggered. To reference a variable, use the following syntax : {{variableName}}. For example, for Chat Messages subscription, {{message.author.name}} will be replaced with the name of the author of the message. To escape an opening curly brace, use \{. To escape a backslash, use \\. To explore the available variables, please set up a webhook for your application in UI with relevant subscriptions, and have a look at the Customize Payload section. The children of the payload node are available as variables.
subscriptions: array of SubscriptionDefinition ( Nullable and Optional , defaults to null)

Response
`WebhookRecord`

Get all webhooks

get /api/http/applications/{application}/webhooks

Get application webhooks

Required permissions: View applications

Request arguments
`application`: string in one of the formats `clientId`: `string` Specifies application by the client id that it uses to authenticate in Space Read more `id`: `string` Specifies application by the identifier that can be fetched via Get all applications method `me` Specifies application that corresponds to the caller of this API method. Applicable only for calls made by Space applications. (Path) ( Required )
`withArchived`: `boolean` (Query) ( Optional , defaults to `false`)
`query`: `string` (Query) ( Optional , defaults to `""`)
`$skip`: `string` (Query) ( Nullable and Optional , defaults to `null`)
`$top`: `integer` (format: int32) (Query) ( Nullable and Optional , defaults to `100`)

Response

object with fields:

next: string ( Required )
totalCount: integer (format: int32) ( Nullable and Optional , defaults to null)
data: array of FullWebhookDTO ( Required )

Post webhook

post /api/http/applications/{application}/webhooks/{webhookId}

Restore archived application webhook

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
No arguments

Update webhook

patch /api/http/applications/{application}/webhooks/{webhookId}

Update application webhook

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

object with fields:

name: string ( Optional )
description: string ( Nullable and Optional )
enabled: boolean ( Optional )
endpoint: ExternalEndpointUpdateDTO ( Nullable and Optional )
endpointAuth: EndpointAuthUpdateDTO ( Nullable and Optional )
acceptedHttpResponseCodes: array of integer (format: int32) ( Optional )
doRetries: boolean ( Optional )
payloadFields: string ( Nullable and Optional )
payloadTemplate: string ( Nullable and Optional )
Experimental . This parameter is experimental and its behavior may be changed or removed in future versions
Alternatively to payloadFields, you can specify payloadTemplate parameter. This is a free-form template for HTTP body. You can use variables in the template, which will be replaced with actual values when the webhook is triggered. To reference a variable, use the following syntax : {{variableName}}. For example, for Chat Messages subscription, {{message.author.name}} will be replaced with the name of the author of the message. To escape an opening curly brace, use \{. To escape a backslash, use \\. To explore the available variables, please set up a webhook for your application in UI with relevant subscriptions, and have a look at the Customize Payload section. The children of the payload node are available as variables.

Response
No arguments

Delete webhook

delete /api/http/applications/{application}/webhooks/{webhookId}

Archive application webhook

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
No arguments

Bearer token

get /api/http/applications/{application}/webhooks/{webhookId}/bearer-token

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
`string`

Post custom header

post /api/http/applications/{application}/webhooks/{webhookId}/custom-headers

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

object with fields:

headers: array of CustomHttpHeaderDTO ( Required )

Response
No arguments

Get custom header

get /api/http/applications/{application}/webhooks/{webhookId}/custom-headers

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
array of `CustomHttpHeaderDTO`

Regenerate

post /api/http/applications/{application}/webhooks/{webhookId}/signing-key/regenerate

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
No arguments

Get signing key

get /api/http/applications/{application}/webhooks/{webhookId}/signing-key

Required permissions: View application secrets

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
`string`

Create subscription

post /api/http/applications/{application}/webhooks/{webhookId}/subscriptions

Add webhook subscription

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

object with fields:

name: string ( Required )
subscription: CustomGenericSubscriptionIn ( Required )

Response
`SubscriptionDTO`

Get all subscriptions

get /api/http/applications/{application}/webhooks/{webhookId}/subscriptions

Get webhook subscriptions

Required permissions: View applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

Response
array of `SubscriptionDTO`

Request missing rights

post /api/http/applications/{application}/webhooks/{webhookId}/subscriptions/{subscriptionId}/request-missing-rights

Ensures that all permissions required for this subscription are requested in the corresponding permission role

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

subscriptionId: string (Path) ( Required )

Response
No arguments

Update subscription

patch /api/http/applications/{application}/webhooks/{webhookId}/subscriptions/{subscriptionId}

Update webhook subscription

Required permissions: Update applications

Request arguments
`application`: string in one of the formats `clientId`: `string` Specifies application by the client id that it uses to authenticate in Space Read more `id`: `string` Specifies application by the identifier that can be fetched via Get all applications method `me` Specifies application that corresponds to the caller of this API method. Applicable only for calls made by Space applications. (Path) ( Required )
`webhookId`: `string` (Path) ( Required )
`subscriptionId`: `string` (Path) ( Required )
object with fields: `name`: `string` ( Optional ) `enabled`: `boolean` ( Optional ) `subscription`: `CustomGenericSubscriptionIn` ( Optional )

Response
`SubscriptionDTO`

Delete subscription

delete /api/http/applications/{application}/webhooks/{webhookId}/subscriptions/{subscriptionId}

Delete webhook subscription

Required permissions: Update applications

Request arguments

application: string in one of the formats

clientId: string
Specifies application by the client id that it uses to authenticate in Space
Read more
id: string
Specifies application by the identifier that can be fetched via Get all applications method
me
Specifies application that corresponds to the caller of this API method.
Applicable only for calls made by Space applications.

(Path) ( Required )

webhookId: string (Path) ( Required )

subscriptionId: string (Path) ( Required )

Response
No arguments

Last modified: 06 September 2023