Application grants

Questions API
1

Hello,

while working with /api/v1/apps/{appId}/grants I noticed that for some apps for which grants (scopes) cannot be given the API responds with 404. I would like to avoid making redundant API calls, meaning not calling for grants for apps which cannot have grants. The question is how do I distinguish the ones which can have grants from the ones that cannot? I check the API documentation but did not find any info regarding that topic. I hope there is a param or a field in apps API (/api/v1/apps) that will help me filter them and retrieve the ones for which I can call for grants.

Thanks in advance!

2

Hello @minekaine,

The best idea here is going to be to use the List all Applications call and filter for app type with /api/v1/apps?q=oidc_client

This should allow you to narrow this down somewhat to apps that are possible to have grants. Give this a try and let me know if it helps!

3

Hello, thank you for your reply!

Your approach kinda works, it narrows the apps and for them I only receive 200s which is good. Although I have a small objection. For apps like this:

[...]
        "name": "saasure",
        "label": "Okta Admin Console"
[...]
        "signOnMode": "OPENID_CONNECT"

I also receive 200 for the /api/v1/apps/{appId}/grants though it does not apply to the filter suggested by you. And I do not want to miss any data. Should I perhaps filter by signOnMode == OPENID_CONNECT? Looking at the documentation I cannot do so in the request but I can also simply just parse the response and filter post request.

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.