POST | Application

  • 1 minute(s) read
Prev Next

The endpoint /iso/dapp/application allows you to create or update an application in Segura DevOps Secret Manager.

Requirements

  • You must have an application created in Segura DevOps Secret Manager.
  • You must have an authorization linked to your application.
    • You must have permission to create applications in this application.

Request

  • Method: POST.
  • URL: https://{URL}/iso/dapp/application
  • Request Body:
    • application (string): the name or identifier of the application being created.
    • system (string): the system associated with the application.
    • environment (string): the environment where the application will be deployed.
    • unique_key (string): a unique key for the application.

cURL

curl -X POST \
    'https://api.example.com/iso/dapp/application' \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer your_token_here' \
    -d '{
        "application": "APP-SQL",
        "system": "Teste_DSM",
        "environment": "Teste_DSM",
        "authentication_method": "OAuth 2.0",
        "line_of_business": "Core business",
        "application_type": "Security",
        "aws_arns": [],
        "authorized_resources": [ "Application", "CI/CD", "Secret Management" ],
        "expiration_date": "",
        "encryption_enabled": true,
        "allowed_ips": [ "*" ],
        "allowed_http_referers": [],
        "certificate_fingerprint": "",
        "cloud_profiles": [],
        "credential_profiles": [{"device": "10.66.32.13", "profile": "SQLServer"}]
    }'

Response

  • Status Code: 200 OK
  • Content-Type: application/json

Response Body Structure


{
 "code": 0,
 "response": {
   "status": 0,
   "message": "",
   "error": true,
   "error_code": 0,
   "detail": "",
   "mensagem": "",
   "erro": true,
   "cod_erro": 0
 },
 "tenant": "",
 "id": "",
 "signature": ""
}

Response Structure

Field Type Description
code integer HTTP status code.
response object Object containing response details.
response.status integer Operation/error status.
response.error boolean Indicates if there was an error.
response.error_code integer For success, the error code is 0.
response.detail string Additional details.
tenant string Tenant identifier.
id string Unique ID is generated for the application.
signature string Security signature.

Status Codes

Code Description
200 Application created/updated successfully.
400 Invalid request - incorrect parameters.
401 Unauthorized - invalid token.
403 Forbidden - no permission.
500 Internal server error.

Error Examples

400 - Bad Request

{
        "code": 400,
        "response": {
                "status": 400,
                "message": "Invalid application name",
                "error": true,
                "error_code": 1001,
                "detail": "Application name cannot be empty"
        }
}

401 - Unauthorized

{
        "code": 401,
        "response": {
                "status": 401,
                "message": "Invalid authentication token",
                "error": true,
                "error_code": 1002
        }
}

Important

  1. The expiration_date field should be left blank to keep the authorization without an expiration date.
  2. Use ["*"] in the allowed_ips field to allow any IP address.
  3. Leave allowed_http_referers empty to allow any referer.
  4. It is recommended to set encryption_enabled to true for better security.
  5. Default authorized resources include: "Application", "CI/CD", "Secret Management".