The endpoint /iso/dapp/application
allows you to create or update an application in Segura DevOps Secret Manager.
Requirements
- You must have an application created in Segura DevOps Secret Manager.
- You must have an authorization linked to your application.
- You must have permission to create applications in this application.
Request
- Method: POST.
- URL:
https://{URL}/iso/dapp/application
- Request Body:
application
(string): the name or identifier of the application being created.
system
(string): the system associated with the application.
environment
(string): the environment where the application will be deployed.
unique_key
(string): a unique key for the application.
cURL
curl -X POST \
'https://api.example.com/iso/dapp/application' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer your_token_here' \
-d '{
"application": "APP-SQL",
"system": "Teste_DSM",
"environment": "Teste_DSM",
"authentication_method": "OAuth 2.0",
"line_of_business": "Core business",
"application_type": "Security",
"aws_arns": [],
"authorized_resources": [ "Application", "CI/CD", "Secret Management" ],
"expiration_date": "",
"encryption_enabled": true,
"allowed_ips": [ "*" ],
"allowed_http_referers": [],
"certificate_fingerprint": "",
"cloud_profiles": [],
"credential_profiles": [{"device": "10.66.32.13", "profile": "SQLServer"}]
}'
Response
- Status Code:
200 OK
- Content-Type: application/json
Response Body Structure
{
"code": 0,
"response": {
"status": 0,
"message": "",
"error": true,
"error_code": 0,
"detail": "",
"mensagem": "",
"erro": true,
"cod_erro": 0
},
"tenant": "",
"id": "",
"signature": ""
}
Response Structure
Field |
Type |
Description |
code |
integer |
HTTP status code. |
response |
object |
Object containing response details. |
response.status |
integer |
Operation/error status. |
response.error |
boolean |
Indicates if there was an error. |
response.error_code |
integer |
For success, the error code is 0. |
response.detail |
string |
Additional details. |
tenant |
string |
Tenant identifier. |
id |
string |
Unique ID is generated for the application. |
signature |
string |
Security signature. |
Status Codes
Code |
Description |
200 |
Application created/updated successfully. |
400 |
Invalid request - incorrect parameters. |
401 |
Unauthorized - invalid token. |
403 |
Forbidden - no permission. |
500 |
Internal server error. |
Error Examples
400 - Bad Request
{
"code": 400,
"response": {
"status": 400,
"message": "Invalid application name",
"error": true,
"error_code": 1001,
"detail": "Application name cannot be empty"
}
}
401 - Unauthorized
{
"code": 401,
"response": {
"status": 401,
"message": "Invalid authentication token",
"error": true,
"error_code": 1002
}
}
Important
- The
expiration_date
field should be left blank to keep the authorization without an expiration date.
- Use
["*"]
in the allowed_ips
field to allow any IP address.
- Leave
allowed_http_referers
empty to allow any referer.
- It is recommended to set
encryption_enabled
to true
for better security.
- Default authorized resources include: "Application", "CI/CD", "Secret Management".