Manage Developers
Developers are the users of your Developer Portal. Some developer-management tasks are handled through the Provider Portal Admin API, while developer creation is exposed by the standalone Developer Portal backend.
Prerequisites
Create a token by following Obtain a Token from the Dashboard and export it:
export API_KEY="a7ee-xxxxxxxxxxxxx"
List Developers
Retrieve all developers registered on a portal:
curl -k "https://localhost:7443/api/developers?portal_id={portal_id}" \
-H "X-API-KEY: ${API_KEY}"
If you are not running locally, replace localhost with your Dashboard host. The -k flag is required if the Dashboard uses a self-signed TLS certificate.
The response includes developer metadata:
{
"list": [
{
"id": "d1a2b3c4-...",
"developer_id": "org_abc123",
"username": "jane.smith",
"name": "Jane Smith",
"email": "jane@example.com",
"email_verified": true,
"state": "Active",
"provider": "builtin",
"last_active_at": "2025-01-15T10:30:00Z",
"created_at": "2025-01-10T08:00:00Z"
}
],
"total": 1
}
To review pending registrations, use the approvals endpoint in the next section. In local verification, adding state=Pending to GET /api/developers did not provide a reliable pending-only filter.
Create a Developer
If you need to provision a developer programmatically, use the standalone Developer Portal backend rather than the Dashboard / Provider Portal Admin API.
export PORTAL_API="https://localhost:4321"
export PORTAL_TOKEN="a7prt-xxxxxxxxxxxxx"
Then create the developer:
curl -k "${PORTAL_API}/api/developers" \
-H "Authorization: Bearer ${PORTAL_TOKEN}" \
-H "Content-Type: application/json" \
-d '{
"developer_id": "partner-team-a"
}'
If you are not running locally, set PORTAL_API to your Developer Portal backend host. The -k flag is required if the backend uses a self-signed TLS certificate.
In the default Developer Portal implementation, organization invitations are typically handled in the Developer Portal experience itself.
Approve Developer Registration
When self-registration is enabled but auto-approval is disabled, new developer registrations create approval requests. Administrators must review and approve them.
List Pending Approvals
curl -k "https://localhost:7443/api/approvals?event=developer_registration&status=pending" \
-H "X-API-KEY: ${API_KEY}"
Approve a Registration
curl -k -X POST "https://localhost:7443/api/approvals/{approval_id}/accept" \
-H "X-API-KEY: ${API_KEY}"
On approval, the developer's state changes from Pending to Active. If email notifications are configured, the developer receives an approval confirmation email.
Reject a Registration
curl -k -X POST "https://localhost:7443/api/approvals/{approval_id}/reject" \
-H "X-API-KEY: ${API_KEY}"
On rejection, the developer account is deleted.
Delete a Developer
Deleting a developer removes the developer account and all associated resources:
curl -k -X DELETE "https://localhost:7443/api/developers/{developer_external_id}?portal_id={portal_id}" \
-H "X-API-KEY: ${API_KEY}"
Deleting a developer is irreversible and cascades to all resources owned by the developer, including applications, credentials, subscriptions, and pending approval requests.
Developer Identity Providers
The provider field on a developer record indicates how the account was created:
| Provider | Description |
|---|---|
builtin | Registered through the Developer Portal's built-in email/password authentication. |
sso | Authenticated through an external identity provider (OIDC, SAML, LDAP, or CAS). |