Manage Developers
Developers are the users of your Developer Portal. Some developer-management tasks are handled through the Provider Portal Admin API, while developer creation is exposed by the standalone Developer Portal backend.
Prerequisites
Create a token by following Obtain a Token from the Dashboard and export it:
export API_KEY="a7ee-xxxxxxxxxxxxx"
List Developers
Retrieve all developers registered on a portal:
curl -k "https://localhost:7443/api/developers?portal_id={portal_id}" \
-H "X-API-KEY: ${API_KEY}"
If you are not running locally, replace localhost with your Dashboard host. The -k flag is required if the Dashboard uses a self-signed TLS certificate.
The response includes developer metadata:
{
"list": [
{
"id": "d1a2b3c4-...",
"developer_id": "org_abc123",
"username": "jane.smith",
"name": "Jane Smith",
"email": "jane@example.com",
"email_verified": true,
"state": "Active",
"provider": "builtin",
"last_active_at": "2025-01-15T10:30:00Z",
"created_at": "2025-01-10T08:00:00Z"
}
],
"total": 1
}
To review pending registrations, use the approvals endpoint in the next section. In local verification, adding state=Pending to GET /api/developers did not provide a reliable pending-only filter.
Create a Developer
Developer accounts are normally created through Developer Portal self-registration (see Register and Log In).
To provision a developer programmatically, call the standalone Developer Portal backend (default :4321), not the Dashboard / Provider Portal Admin API. The relevant endpoint is POST /api/developers; request body, response schema, and authentication headers (Authorization: Bearer a7prt-… plus X-Portal-Developer-ID: <id>) are documented in the Developer Portal API reference.
In the default Developer Portal implementation, organization invitations are typically handled in the Developer Portal experience itself rather than through this endpoint.
Approve Developer Registration
When self-registration is enabled but auto-approval is disabled, new developer registrations create approval requests. Administrators must review and approve them.
List Pending Approvals
curl -k "https://localhost:7443/api/approvals?event=developer_registration&status=pending" \
-H "X-API-KEY: ${API_KEY}"
Approve a Registration
curl -k -X POST "https://localhost:7443/api/approvals/{approval_id}/accept" \
-H "X-API-KEY: ${API_KEY}"
On approval, the developer's state changes from Pending to Active. If email notifications are configured, the developer receives an approval confirmation email.
Reject a Registration
curl -k -X POST "https://localhost:7443/api/approvals/{approval_id}/reject" \
-H "X-API-KEY: ${API_KEY}"
On rejection, the developer account is deleted.
Delete a Developer
Deleting a developer removes the developer account and all associated resources:
curl -k -X DELETE "https://localhost:7443/api/developers/{developer_external_id}?portal_id={portal_id}" \
-H "X-API-KEY: ${API_KEY}"
Deleting a developer is irreversible and cascades to all resources owned by the developer, including applications, credentials, subscriptions, and pending approval requests.
Developer Identity Providers
The provider field on a developer record indicates how the account was created:
| Provider | Description |
|---|---|
builtin | Registered through the Developer Portal's built-in email/password authentication. |
sso | Authenticated through an external identity provider (OIDC, SAML, LDAP, or CAS). |