Manage Developers
Developers are the users of your Developer Portal. This guide covers how to manage developer accounts from the Provider Portal using the Admin API.
List Developers
Retrieve all developers registered on a portal:
curl "https://{ADMIN_API_URL}/api/portals/{portal_id}/developers" \
-H "Authorization: Bearer $API_TOKEN"
The response includes developer metadata:
{
"list": [
{
"id": "d1a2b3c4-...",
"developer_id": "org_abc123",
"username": "jane.smith",
"name": "Jane Smith",
"email": "jane@example.com",
"email_verified": true,
"state": "Active",
"provider": "builtin",
"last_active_at": "2025-01-15T10:30:00Z",
"created_at": "2025-01-10T08:00:00Z"
}
],
"total": 1
}
Filter by State
To list only pending developers awaiting approval:
curl "https://{ADMIN_API_URL}/api/portals/{portal_id}/developers?state=Pending" \
-H "Authorization: Bearer $API_TOKEN"
Invite a Developer
Administrators can invite developers by providing a username and a one-time password:
curl "https://{ADMIN_API_URL}/api/portals/{portal_id}/developers/invites" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "john.doe",
"password": "temporary-password-123",
"name": "John Doe"
}'
The invited developer uses the provided username and password to log in for the first time. They should change their password after the initial login.
Approve Developer Registration
When self-registration is enabled but auto-approval is disabled, new developer registrations create approval requests. Administrators must review and approve them.
List Pending Approvals
curl "https://{ADMIN_API_URL}/api/approvals?event=developer_registration&status=pending" \
-H "Authorization: Bearer $API_TOKEN"
Approve a Registration
curl -X POST "https://{ADMIN_API_URL}/api/approvals/{approval_id}/accept" \
-H "Authorization: Bearer $API_TOKEN"
On approval, the developer's state changes from Pending to Active. If email notifications are configured, the developer receives an approval confirmation email.
Reject a Registration
curl -X POST "https://{ADMIN_API_URL}/api/approvals/{approval_id}/reject" \
-H "Authorization: Bearer $API_TOKEN"
On rejection, the developer account is deleted.
Delete a Developer
Deleting a developer removes the developer account and all associated resources:
curl -X DELETE "https://{ADMIN_API_URL}/api/portals/{portal_id}/developers/{developer_external_id}" \
-H "Authorization: Bearer $API_TOKEN"
Deleting a developer is irreversible and cascades to all resources owned by the developer, including applications, credentials, subscriptions, and pending approval requests.
Developer Identity Providers
The provider field on a developer record indicates how the account was created:
| Provider | Description |
|---|---|
builtin | Registered through the Developer Portal's built-in email/password authentication or invited by an administrator. |
sso | Authenticated through an external identity provider (OIDC, SAML, LDAP, or CAS). |