Creates a new application. Marketplace application cannot be installed using this endpoint.
To create a multi-org application ( and connect application server to the current Space instance ) , pass connectToSpace = true. Learn more about multi-org applications in the documentation.
Required permissions: Create applications
Request arguments
object with fields:
name: string ( Required )
Displayed application name
description: string ( Nullable and Optional , defaults to null)
Description of the application ' s purpose
pictureAttachmentId: string ( Nullable and Optional , defaults to null)
Identifier of an image attachment. You can get image attachment id by uploading an image, see Create upload URL.
defaultExternalPicture: string ( Nullable and Optional , defaults to null)
URL of an image to be used as the application icon
email: string ( Nullable and Optional , defaults to null)
Email used during Git commit verification. Can only be specified at application creation.
clientId: string ( Nullable and Optional , defaults to null)
clientId is generated automatically if this parameter is omitted. Application ' s clientId is returned in response
clientSecret: string ( Nullable and Optional , defaults to null)
clientSecret is generated automatically if this parameter is omitted. Application's clientSecret can be retrieved through Get Client Secret endpoint.
clientCredentialsFlowEnabled: boolean ( Nullable and Optional , defaults to true)
Client Credentials flow is enabled by default. Pass false if the application only uses other flows.
codeFlowEnabled: boolean ( Nullable and Optional , defaults to false)
Pass true to enable Authorization Code Flow for the application. Learn more in the documentation.
codeFlowRedirectURIs: string ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies redirect URIs that can be used in the flow. Learn more in the documentation.
pkceRequired: boolean ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies whether PKCE extension must be used. Learn more in the documentation.
publicClientsAllowed: boolean ( Nullable and Optional , defaults to null)
When Authorization Code Flow is enabled, specifies whether clients can authenticate without client secret. Requires PKCE. Learn more in the documentation.
implicitFlowEnabled: boolean ( Nullable and Optional , defaults to false)
implicitFlowRedirectURIs: string ( Nullable and Optional , defaults to null)
endpointUri: string ( Nullable and Optional , defaults to null)
Space will send payloads ( for example, InitPayload) to application using this URL.
This is also a default URL for webhook requests (WebhookRequestPayload) . The URL for webhook requests can be redefined for each webhook.
endpointSslVerification: boolean ( Nullable and Optional , defaults to null)
SSL verification is turned on by default for connections that are established with application endpoint. Passing false will turn the verification off.
appLevelAuth: EndpointAuthCreate ( Nullable and Optional , defaults to null)
Type of authentication used by application server to make sure that payloads coming from Space are authentic.
Payloads from Space contain serverUrl property : the URL of the Space server sending the request. Authenticating the request ( making sure it indeed comes from the referenced Space server ) is essential to prevent fraudulent actions with your application.
sslKeystoreAuth: string ( Nullable and Optional , defaults to null)
Name of the SSL Keystore to be used when sending payloads to the application. You can create an SSL Keystore in Administration - > SSL Keystores.
hasSigningKey: boolean ( Nullable and Optional , defaults to null)
hasPublicKeySignature: boolean ( Nullable and Optional , defaults to null)
basicAuthUsername: string ( Nullable and Optional , defaults to null)
basicAuthPassword: string ( Nullable and Optional , defaults to null)
bearerAuthToken: string ( Nullable and Optional , defaults to null)
connectToSpace: boolean ( Nullable and Optional , defaults to false)
Pass true to create a multi-org application and connect application server to the current Space instance. Learn more in the documentation.
state: string ( Nullable and Optional , defaults to null)
When passing connectToSpace = true, Space will send InitPayload to the application endpoint. The state value is passed in that InitPayload. Use this to perform multi-step application installation.
Provide error message to display on application page in Space UI. Provide null message to remove it.
Request arguments
object with fields:
message: string ( Nullable and Optional , defaults to null)
Response
No arguments
Report application as healthy
post /api/http/applications/report-application-as-healthy
Application may periodically call this api method to notify Space that it is functioning properly. This is mandatory for applications that connect external issue trackers.
Request arguments
No arguments
Response
No arguments
Force-remove application
post /api/http/applications/{application}/force-remove
Removes the application that has previously failed to respond with code 200 to ApplicationUninstalledPayload request, without sending additional ApplicationUninstalledPayload requests. The application is archived and its access terminated.
Required permissions: Delete applications
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
Update existing application. Multi-org applications ( created with the parameter connectToSpace = true or installed from JetBrains Marketplace ) can only be updated by the application itself. Learn more about multi-org applications in the documentation.
Required permissions: Update applications
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
Client Credentials Flow is enabled by default. Disable the flow if the application only uses other flows.
codeFlowEnabled: boolean ( Optional )
Authorization Code Flow is disabled by default. Pass true to enable Authorization Code Flow for the application. Learn more in the documentation.
codeFlowRedirectURIs: string ( Nullable and Optional )
When Authorization Code Flow is enabled, specifies redirect URIs that can be used in the flow. Learn more in the documentation.
pkceRequired: boolean ( Optional )
When Authorization Code Flow is enabled, specifies whether PKCE extension must be used. Learn more in the documentation.
publicClientsAllowed: boolean ( Optional )
When Authorization Code Flow is enabled, specifies whether clients can authenticate without client secret. Requires PKCE. Learn more in the documentation.
implicitFlowEnabled: boolean ( Optional )
implicitFlowRedirectURIs: string ( Nullable and Optional )
endpointUri: string ( Nullable and Optional )
Space will send payloads ( for example, MessagePayload) to application using this URL.
This is also a default URL for webhook requests (WebhookRequestPayload) . The URL for webhook requests can be redefined for each webhook.
endpointSslVerification: boolean ( Optional )
SSL verification is turned on by default for connections that are established with application endpoint. Passing false will turn the verification off.
Type of authentication used by application server to make sure that payloads coming from Space are authentic.
Payloads from Space contain serverUrl property : the URL of the Space server sending the request. Authenticating the request ( making sure it indeed comes from the referenced Space server ) is essential to prevent fraudulent actions with your application.
sslKeystoreAuth: string ( Nullable and Optional )
Name of the SSL Keystore to be used when sending payloads to the application. You can create an SSL Keystore in Administration - > SSL Keystores.
Removes specified application. If the application is connected ( installed from Marketplace or through an install link ) , Space sends ApplicationUninstalledPayload to the application ' s server. The application is only actually deleted when the application server responds or when the ApplicationUninstalledPayload request times out multiple times.
This API method does not wait until the ApplicationUninstalledPayload request is finished and instead returns immediately. Consequently, the application may still be active right after this API method call.
If sending ApplicationUninstalledPayload has failed at least one time, a user may choose to force-remove the application. In this case the access for the application is terminated and it can no longer make requests.
Required permissions: Delete applications
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
get /api/http/applications/{application}/public-keys
Returns list of public keys in JWKS format. If message signature is successfully verified with any of the returned public keys, the message can be considered authentic.
Required permissions: View applications
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
Get application parameter by key. Only accessible with an app token, not a user token.
Request arguments
key: string (Path) ( Required )
Response
string
Set parameter
patch /api/http/applications/parameters/{key}
Set application parameter by key. Only accessible with an app token, not a user token. There is a limit of 100 app parameters per app. The key cannot be longer than 64 characters. The value cannot be longer than 1000 characters.
Request arguments
key: string (Path) ( Required )
object with fields:
value: string ( Required )
Response
No arguments
Remove parameter
delete /api/http/applications/parameters/{key}
Remove application parameter by key. Only accessible with an app token, not a user token.
Request arguments
key: string (Path) ( Required )
Response
No arguments
Get all profile parameters
get /api/http/applications/parameters/profile
Return all profile parameters, profile and application are derived from the access token. Only accessible with a user token, issued to an application.
Set profile parameter by key, profile and application are derived from the access token. Only accessible with a user token, issued to an application. There is a limit of 100 app parameters per app per profile. The key cannot be longer than 64 characters. The value cannot be longer than 1000 characters.
Remove profile parameter by key, profile and application are derived from the access token. Only accessible with a user token, issued to an application.
Request arguments
key: string (Path) ( Required )
Response
No arguments
Update unfurled domains
patch /api/http/applications/unfurls/domains
Update list of domains for unfurling by the application. Method is to be called by the application providing unfurls.
Required permissions: Update applications
Request arguments
object with fields:
domains: array of string ( Required )
Response
No arguments
Update unfurled patterns
patch /api/http/applications/unfurls/patterns
Update list of external ID prefixes for unfurling by the application. Method is to be called by the application providing unfurls.
Disable application UI for everybody in specified context. Requires Superadmin right for global context, AdminProject for project context, AdminChannel for channel context. Users will still be able to enable application UI individually.
Required permissions: View applications, Grant permissions to other members, Manage project permission scheme, Manage channels
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
Enable application UI for everybody in specified context. Requires Superadmin right for global context, AdminProject for project context, AdminChannel for channel context. Users will still be able to disable application UI individually.
Required permissions: View applications, Grant permissions to other members, Manage project permission scheme, Manage channels
Request arguments
application: string in one of the formats
clientId: string
Specifies application by the client id that it uses to authenticate in Space
acceptedHttpResponseCodes: array of integer (format: int32) ( Optional , defaults to [])
List of HTTP status codes outside 2xx range to be treated as successful ones by Space, when returned by the application server
doRetries: boolean ( Optional , defaults to true)
payloadFields: string ( Nullable and Optional , defaults to null)
payloadTemplate: string ( Nullable and Optional , defaults to null)
Alternatively to payloadFields, you can specify payloadTemplate parameter. This is a free-form template for HTTP body. You can use variables in the template, which will be replaced with actual values when the webhook is triggered. To reference a variable, use the following syntax : {{variableName}}. For example, for Chat Messages subscription, {{message.author.name}} will be replaced with the name of the author of the message. To escape an opening curly brace, use \{. To escape a backslash, use \\. To explore the available variables, please set up a webhook for your application in UI with relevant subscriptions, and have a look at the Customize Payload section. The children of the payload node are available as variables.
subscriptions: array of SubscriptionDefinition ( Nullable and Optional , defaults to null)
acceptedHttpResponseCodes: array of integer (format: int32) ( Optional )
doRetries: boolean ( Optional )
payloadFields: string ( Nullable and Optional )
payloadTemplate: string ( Nullable and Optional )
Alternatively to payloadFields, you can specify payloadTemplate parameter. This is a free-form template for HTTP body. You can use variables in the template, which will be replaced with actual values when the webhook is triggered. To reference a variable, use the following syntax : {{variableName}}. For example, for Chat Messages subscription, {{message.author.name}} will be replaced with the name of the author of the message. To escape an opening curly brace, use \{. To escape a backslash, use \\. To explore the available variables, please set up a webhook for your application in UI with relevant subscriptions, and have a look at the Customize Payload section. The children of the payload node are available as variables.