Step 1: Create a single-page application
POST {{apiPath}}/environments/{{envID}}/applications
You can use the POST /environments/{{envID}}/applications endpoint to create the new single-page application. To configure this application to use PKCE to authenticate the token request, set the application's pkceEnforcement property to S256_REQUIRED. With PKCE enforcement enabled, you can set the application's tokenEndpointAuthMethod property to NONE.
The response data returns information about the new application, including its id property, which identifies the UUID for this application resource. The application's ID is required in Step 5 to make the authorization request and in Step 9 to make the token request.
Request Body
{"enabled"=>true, "name"=>"SPA_withAuthCode{{$timestamp}}", "description"=>"OIDC App (Single Page App)", "type"=>"SINGLE_PAGE_APP", "protocol"=>"OPENID_CONNECT", "grantTypes"=>["AUTHORIZATION_CODE"], "redirectUris"=>["https://example.com"], "responseTypes"=>["CODE"], "tokenEndpointAuthMethod"=>"NONE", "pkceEnforcement"=>"S256_REQUIRED", "refreshTokenDuration"=>86400, "refreshTokenRollingDuration"=>86400}
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Authorization | string | ||
Content-Type | string |