Manage Applications
Applications are containers that developers create to group subscriptions and credentials. Application management APIs are exposed by the standalone Developer Portal backend rather than the Dashboard / Provider Portal Admin API.
Prerequisites
Export the following variables before running the examples in this guide:
export PORTAL_API="https://localhost:4321"
export PORTAL_TOKEN="a7prt-xxxxxxxxxxxxx"
export DEVELOPER_ID="developer-or-organization-id"
PORTAL_TOKENis the bearer token created from Provider Portal > Portal Settings > Tokens.DEVELOPER_IDis sent in theX-Portal-Developer-IDheader. In the default Developer Portal implementation, this is the developer or active organization identifier associated with the current session.- If you are not running locally, set
PORTAL_APIto your Developer Portal backend host. The-kflag is required if the backend uses a self-signed TLS certificate.
These examples use the standalone Developer Portal backend on port 4321, not the Dashboard / Provider Portal Admin API on port 7443.
The routes in this guide are backend API routes implemented by the standalone Developer Portal backend. The default Developer Portal frontend calls these fixed endpoints, but how your portal obtains the portal token and active developer context can vary by implementation.
Create an Application
curl -k "${PORTAL_API}/api/applications" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}" \
-H "Content-Type: application/json" \
-d '{
"name": "Mobile App Backend",
"desc": "Application used by the mobile app backend",
"labels": {
"team": "mobile",
"environment": "production"
}
}'
name is required. desc and labels are optional.
List Applications
curl -k "${PORTAL_API}/api/applications" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}"
Get Application Details
curl -k "${PORTAL_API}/api/applications/{application_id}" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}"
Update an Application
curl -k -X PUT "${PORTAL_API}/api/applications/{application_id}" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}" \
-H "Content-Type: application/json" \
-d '{
"name": "Mobile App Backend",
"desc": "Updated application description",
"labels": {
"team": "mobile",
"environment": "staging"
}
}'
Use the request body to replace the application's name, desc, and labels values.
Delete an Application
curl -k -X DELETE "${PORTAL_API}/api/applications/{application_id}" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}"
Application Structure
Each application belongs to a single active developer context and contains:
| Component | Description |
|---|---|
| Subscriptions | Links to API products that grant the application access to consume APIs. |
| Credentials | Authentication tokens (API keys, basic auth, OAuth clients) used to authenticate API requests. |
| Labels | Optional key-value pairs for categorization and filtering. |
API Usage Tracking
Retrieve API call statistics for an application within a time range:
curl -k "${PORTAL_API}/api/applications/api_calls?application_id={application_id}&start_at={unix_start_at}&end_at={unix_end_at}" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "X-Portal-Developer-ID: ${DEVELOPER_ID}"
This returns usage metrics that help you understand how the application is consuming your APIs.
Use Unix timestamps in seconds for start_at and end_at.
Application Lifecycle
Applications follow this lifecycle:
- Created by a developer in the Developer Portal.
- Active while the developer uses it to subscribe to API products and make API calls.
- Deleted by the developer or cascaded when the developer account is deleted.
Deleting an application also deletes all its credentials and cancels all its subscriptions. For OAuth (DCR) credentials, the registered clients are also removed from the identity provider.