Create a new OAuth application
⚠️ SECURITY: Creates an OAuth2 application. Only OWNERS and ADMINS can create OAuth apps. Returns client secret ONCE - store it securely!
POST
Creates a new OAuth2 application for your organization. Only OWNERS and ADMINS can create OAuth apps.
Permissions
Only OWNERS and ADMINS can create OAuth applications.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| name | string | Yes | Application name (1-100 characters) |
| description | string | No | Application description (max 500 characters) |
| redirectUri | string | No | Redirect URI for OAuth flow |
| scopes | array | Yes | OAuth scopes requested |
Available Scopes
- read:user - Read user information
- write:user - Modify user information
- read:organization - Read organization data
- write:organization - Modify organization data
- read:members - Read member information
- write:members - Modify members
- read:webhooks - Read webhook configuration
- write:webhooks - Manage webhooks
- admin:organization - Full organization admin access
- admin:all - Full system access
Example Request
Example Response
Security Notes
- The clientSecret is only returned once during creation
- Store the secret securely (environment variables, secret manager)
- Never commit secrets to version control
- Rotate secrets if compromised
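The following client-side sketch is an added example, not code from this API's documentation: it checks a request body against the field limits and scope list above, flags admin scopes for review, and writes the one-time clientSecret to a new owner-only file while returning a redacted copy for logging. The function names, the HTTPS-only redirect policy, the file-based storage (a stand-in for a secret manager) and the assumption that the response is a JSON object with a clientSecret key are all assumptions.

```python
import os
from urllib.parse import urlparse

# Scopes listed on this page.
ALLOWED_SCOPES = {
    "read:user", "write:user", "read:organization", "write:organization",
    "read:members", "write:members", "read:webhooks", "write:webhooks",
    "admin:organization", "admin:all",
}


def build_request(name, scopes, description=None, redirect_uri=None):
    """Validate against the documented field limits; return (body, warnings)."""
    if not isinstance(name, str) or not 1 <= len(name) <= 100:
        raise ValueError("name must be 1-100 characters")
    if not scopes:
        raise ValueError("scopes is required")
    unknown = sorted(set(scopes) - ALLOWED_SCOPES)
    if unknown:
        raise ValueError(f"unknown scopes: {unknown}")
    body = {"name": name, "scopes": sorted(set(scopes))}
    if description is not None:
        if len(description) > 500:
            raise ValueError("description exceeds 500 characters")
        body["description"] = description
    if redirect_uri is not None:
        # Local policy (assumption, not a documented API rule): HTTPS only.
        parts = urlparse(redirect_uri)
        if parts.scheme != "https" or not parts.netloc:
            raise ValueError("redirectUri must be an absolute https URL")
        body["redirectUri"] = redirect_uri
    # Flag broad grants for human review rather than rejecting them.
    warnings = [f"broad scope requested: {s}"
                for s in body["scopes"] if s.startswith("admin:")]
    return body, warnings


def persist_secret(response, path):
    """Write clientSecret to a new 0600 file; return a copy safe to log."""
    secret = response["clientSecret"]  # KeyError if the response lacks it
    # O_EXCL refuses to overwrite, so an existing secret is never clobbered.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(secret)
    redacted = dict(response)
    redacted["clientSecret"] = "[REDACTED]"
    return redacted
```

Log only the value returned by persist_secret, never the raw creation response.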
Common Errors
400 Bad Request
Invalid input data or validation errors.
401 Unauthorized
Authentication required.
403 Forbidden
Only owners and admins can create OAuth applications.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
application/json
Application name
Required string length: 1 - 100
Example: "My Integration"
OAuth scopes requested
Available options: read:user, write:user, read:organization, write:organization, read:members, write:members, read:webhooks, write:webhooks, admin:organization, admin:all
Example: ["read:organization", "write:organization"]
Application description
Maximum string length: 500
Example: "Integration for managing organization data"
Redirect URI for OAuth flow
Example: "https://example.com/callback"
Response
OAuth application created successfully. Client secret returned only once - save it immediately!