Applications Endpoints
The Applications API provides endpoints for discovering, managing, and monitoring applications and their associated accounts.
Base URL
All endpoints are relative to /api/v1/applications.
List Applications
Retrieve a paginated list of applications with optional filtering.
GET /api/v1/applications
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| search | string | Filter by application name (partial match) |
| criticality | string | Filter by criticality level |
| owner | string | Filter by owner email |
| min_risk | number | Minimum risk score (0-100) |
| max_risk | number | Maximum risk score (0-100) |
| first | number | Number of items to return (default: 50) |
| after | string | Cursor for pagination |
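The following is an added example, not code from the product or its documentation: it walks the whole list by feeding each response's `pageInfo.endCursor` back as `after`, and stops with an error rather than returning a silently truncated inventory. `fetch_json`, `fake_fetch`, `collect_ids` and the two-page data set are assumptions made so the example runs offline.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

BASE = "/api/v1/applications"  # path documented on this page

def iter_applications(fetch_json, page_size=50, max_pages=1000, **filters):
    """Yield every application matching `filters`, following the `after` cursor.

    `fetch_json(url) -> dict` is a caller-supplied transport (hypothetical);
    authentication belongs there, since this page does not describe it.
    """
    for key in ("min_risk", "max_risk"):
        if key in filters and not 0 <= filters[key] <= 100:
            raise ValueError(f"{key} must be within 0-100")
    cursor, seen = None, set()
    for _ in range(max_pages):
        params = {**filters, "first": page_size}
        if cursor is not None:
            params["after"] = cursor
        page = fetch_json(f"{BASE}?{urlencode(params)}")
        yield from page.get("applications", [])
        info = page.get("pageInfo", {})
        if not info.get("hasNextPage"):
            return
        cursor = info.get("endCursor")
        # A missing or repeated cursor would truncate the inventory or loop
        # forever; fail loudly so the gap is visible to whoever runs the audit.
        if not cursor or cursor in seen:
            raise RuntimeError("pagination cursor missing or repeated")
        seen.add(cursor)
    raise RuntimeError("max_pages reached before the last page")

# Constructed two-page data set keyed by cursor, standing in for the server
# (it ignores the filters; only the cursor handling is exercised).
_PAGES = {
    None: {"applications": [{"id": "app-123", "risk_score": 45}],
           "pageInfo": {"hasNextPage": True, "endCursor": "c1"}},
    "c1": {"applications": [{"id": "app-456", "risk_score": 71}],
           "pageInfo": {"hasNextPage": False, "endCursor": None}},
}

def fake_fetch(url):
    after = parse_qs(urlsplit(url).query).get("after", [None])[0]
    return _PAGES[after]

def collect_ids(fetch_json=fake_fetch, **filters):
    return [app["id"] for app in iter_applications(fetch_json, **filters)]
```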
Response
{
  "applications": [
    {
      "id": "app-123",
      "application_id": "source-app-id",
      "name": "Salesforce",
      "description": "CRM platform",
      "criticality": "high",
      "owner": "admin@company.com",
      "status": "active",
      "risk_score": 45,
      "total_accounts": 250,
      "average_risk_score": 42,
      "data_source_platform": "Okta",
      "created_at": "2024-01-15T10:30:00Z",
      "updated_at": "2024-02-01T14:22:00Z"
    }
  ],
  "pageInfo": {
    "hasNextPage": true,
    "endCursor": "cursor-token"
  }
}
Get Application
Retrieve details for a specific application.
GET /api/v1/applications/{id}
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
Response
{
  "id": "app-123",
  "application_id": "source-app-id",
  "name": "Salesforce",
  "description": "CRM platform",
  "criticality": "high",
  "owner": "admin@company.com",
  "technical_contact": "tech@company.com",
  "business_contact": "business@company.com",
  "compliance_required": true,
  "risk_score": 45,
  "data_classification": "confidential",
  "environment": "production",
  "status": "active",
  "url": "https://company.salesforce.com",
  "auth_method": "SAML",
  "last_review_date": "2024-01-01T00:00:00Z",
  "next_review_date": "2024-07-01T00:00:00Z",
  "data_source_id": "ds-456",
  "data_source_name": "Corporate Okta",
  "data_source_platform": "Okta",
  "total_accounts": 250,
  "average_risk_score": 42,
  "created_at": "2024-01-15T10:30:00Z",
  "updated_at": "2024-02-01T14:22:00Z"
}
Get Application Accounts
Retrieve accounts associated with a specific application.
GET /api/v1/applications/{id}/accounts
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| limit | number | Number of accounts to return (default: 10) |
| offset | number | Offset for pagination |
Response
{
  "accounts": [
    {
      "id": "acc-789",
      "name": "john.doe",
      "email": "john.doe@company.com",
      "display_name": "John Doe",
      "account_type": "user",
      "department": "Engineering",
      "status": "active",
      "risk_level": "medium"
    }
  ],
  "total": 250,
  "limit": 10,
  "offset": 0
}
Batch Get Account Counts
Retrieve account counts for multiple applications in a single request.
POST /api/v1/applications/accounts
Request Body
{
  "application_ids": ["app-123", "app-456", "app-789"]
}
Response
{
  "app-123": 250,
  "app-456": 45,
  "app-789": 120
}
Get Application Statistics
Retrieve detailed statistics and metrics for an application.
GET /api/v1/applications/{id}/statistics
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
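An added example (not part of the product or its documentation) that turns the statistics response documented in this section into a prioritized list of findings. The rule set, severities, the 5% MFA threshold and the names `RULES`, `triage_statistics` and `SAMPLE` are this example's assumptions; `SAMPLE` repeats the values of the sample response on this page.

```python
SEVERITY = {"critical": 0, "high": 1, "medium": 2, "low": 3, "data": 4}

# (severity, dotted path into the response, label): this example's own policy.
RULES = [
    ("critical", "other_risks.breached", "breached accounts"),
    ("high", "privileged_accounts.not_vaulted", "privileged accounts not vaulted"),
    ("high", "password_issues.never_set", "accounts whose password was never set"),
    ("medium", "stale_accounts.over_365_days", "accounts stale for over 365 days"),
    ("medium", "other_risks.no_owner", "accounts with no owner"),
    ("low", "other_risks.shared_accounts", "shared accounts"),
]

def _get(stats, path):
    node = stats
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return None  # a missing field is reported, never treated as zero
        node = node[key]
    return node

def triage_statistics(stats, mfa_pct_limit=5):
    """Return (severity, message) findings, worst first."""
    findings = []
    for sev, path, label in RULES:
        value = _get(stats, path)
        if value is None:
            findings.append(("data", f"{path} missing from response"))
        elif value > 0:
            findings.append((sev, f"{value} {label}"))
    mfa = _get(stats, "mfa_disabled.percentage") or 0
    if mfa > mfa_pct_limit:
        findings.append(("high", f"MFA disabled on {mfa}% of accounts"))
    # A distribution that does not add up to total_accounts means the counts
    # above describe an incomplete or stale inventory.
    total = _get(stats, "total_accounts")
    for name, buckets in stats.get("account_distribution", {}).items():
        if sum(buckets.values()) != total:
            findings.append(("data", f"{name} sums to {sum(buckets.values())}, not {total}"))
    return sorted(findings, key=lambda f: SEVERITY[f[0]])

SAMPLE = {  # values copied from the sample response on this page
    "total_accounts": 250, "mfa_disabled": {"count": 15, "percentage": 6},
    "password_issues": {"never_set": 2}, "stale_accounts": {"over_365_days": 5},
    "privileged_accounts": {"total": 25, "not_vaulted": 3},
    "other_risks": {"shared_accounts": 5, "no_owner": 12, "breached": 0},
    "account_distribution": {"by_status": {"active": 220, "disabled": 25, "suspended": 5},
                             "by_type": {"user": 200, "service": 35, "admin": 15}},
}
```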
Response
{
  "total_accounts": 250,
  "average_risk_score": 42,
  "mfa_disabled": {
    "count": 15,
    "percentage": 6
  },
  "password_issues": {
    "never_set": 2,
    "over_90_days": 45,
    "over_180_days": 20,
    "over_365_days": 8
  },
  "stale_accounts": {
    "over_90_days": 30,
    "over_180_days": 15,
    "over_365_days": 5
  },
  "privileged_accounts": {
    "total": 25,
    "highly_privileged": 8,
    "not_vaulted": 3,
    "not_vaulted_percentage": 12
  },
  "other_risks": {
    "shared_accounts": 5,
    "no_owner": 12,
    "breached": 0,
    "failed_logins": 3
  },
  "account_distribution": {
    "by_status": {
      "active": 220,
      "disabled": 25,
      "suspended": 5
    },
    "by_type": {
      "user": 200,
      "service": 35,
      "admin": 15
    }
  }
}
Create Application
Create a new application record.
POST /api/v1/applications
::: note Administrator Only
This endpoint requires the Administrator role.
:::
Request Body
{
  "name": "New Application",
  "description": "Application description",
  "criticality": "medium",
  "owner": "owner@company.com",
  "technical_contact": "tech@company.com",
  "business_contact": "business@company.com",
  "compliance_required": false,
  "data_classification": "internal",
  "environment": "production",
  "status": "active",
  "url": "https://app.company.com",
  "auth_method": "OAuth2"
}
Response
Returns the created application object with generated id and timestamps.
Update Application
Update an existing application.
PUT /api/v1/applications/{id}
::: note Administrator Only
This endpoint requires the Administrator role.
:::
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
Request Body
Include only the fields to update:
{
  "description": "Updated description",
  "criticality": "high",
  "status": "active"
}
Response
Returns the updated application object.
Update Application Owner
Update the owner of an application.
PUT /api/v1/applications/{id}/owner
::: note Administrator Only
This endpoint requires the Administrator role.
:::
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
Request Body
{
  "owner": "newowner@company.com"
}
Response
Returns the updated application object.
Delete Application
Delete an application record.
DELETE /api/v1/applications/{id}
::: note Administrator Only
This endpoint requires the Administrator role.
:::
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | Application ID |
Response
{
  "success": true,
  "message": "Application deleted successfully"
}
Error Responses
All endpoints may return the following error responses:
| Status Code | Description |
|---|---|
| 400 | Bad Request - Invalid parameters |
| 401 | Unauthorized - Authentication required |
| 403 | Forbidden - Insufficient permissions |
| 404 | Not Found - Application does not exist |
| 500 | Internal Server Error |
Error Response Format
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid application ID format"
  }
}
Related Topics
- Application Management - User guide
- API Reference - General API information
- Accounts API - Account endpoints
