Update application credential

client.Zones.ApplicationCredentials.Update(ctx, id, params) (*CredentialUnion, error)

PATCH/zones/{zoneId}/application-credentials/{id}

Updates an application credential's configuration

ParametersExpand Collapse

id string

params ZoneApplicationCredentialUpdateParams

ZoneID param.Field[string]

Path param

Subject param.Field[string]optional

Body param: Subject identifier for the token. Set to null to unset, which allows any token from the provider to be accepted without checking application-specific claims.

Type param.Field[ZoneApplicationCredentialUpdateParamsIamTokenCredentialUpdateType]optional

Body param

const ZoneApplicationCredentialUpdateParamsIamTokenCredentialUpdateTypeToken ZoneApplicationCredentialUpdateParamsIamTokenCredentialUpdateType = "token"

ReturnsExpand Collapse

type CredentialUnion interface{…}

Credentials for accessing external services from applications

Accepts one of the following:

type Token struct{…}

Token-based application credential

Identifier string

Identifier for this credential. For token type, this equals the subject value, or '*' when subject is not specified.

ProviderID string

ID of the provider issuing tokens verified by this credential

Type string

DeprecatedProvider Provideroptional

A Provider is a system that supplies access to Resources and allows actors (Users or Applications) to authenticate.

ID string

Unique identifier of the provider

CreatedAt Time

Entity creation timestamp

formatdate-time

Identifier string

User specified identifier, unique within the zone

minLength1

maxLength2048

Name string

Human-readable name

minLength1

maxLength255

OrganizationID string

Organization that owns this provider

OwnerType ProviderOwnerType

Who owns this provider. Platform-owned providers cannot be modified via API.

Accepts one of the following:

const ProviderOwnerTypePlatform ProviderOwnerType = "platform"

const ProviderOwnerTypeCustomer ProviderOwnerType = "customer"

Slug string

URL-safe identifier, unique within the zone

minLength1

maxLength63

UpdatedAt Time

Entity update timestamp

formatdate-time

ZoneID string

Zone this provider belongs to

ClientID stringoptional

OAuth 2.0 client identifier

ClientSecretSet booloptional

Indicates whether a client secret is configured

Description stringoptional

Human-readable description

maxLength2048

Metadata anyoptional

Provider metadata

Protocols ProviderProtocolsoptional

Protocol-specific configuration

Oauth2 ProviderProtocolsOauth2optional

OAuth 2.0 protocol configuration

Issuer string

OIDC issuer URL used for discovery and token validation.

formaturi

AuthorizationEndpoint stringoptional

formaturi

AuthorizationParameters map[string, string]optional

Custom query parameters appended to authorization redirect URLs. Use for non-standard providers (e.g. Google prompt=consent, access_type=offline).

AuthorizationResourceEnabled booloptional

Whether to include the resource parameter in authorization requests.

AuthorizationResourceParameter stringoptional

The resource parameter value to include in authorization requests. Defaults to "resource" when authorization_resource_enabled is true.

CodeChallengeMethodsSupported []stringoptional

JwksUri stringoptional

formaturi

RegistrationEndpoint stringoptional

formaturi

ScopeParameter stringoptional

The query parameter name for scopes in authorization requests. Defaults to "scope". Slack v2 uses "user_scope".

ScopeSeparator stringoptional

The separator character for scope values. Defaults to " " (space). Slack v2 uses ",".

ScopesSupported []stringoptional

TokenEndpoint stringoptional

formaturi

TokenResponseAccessTokenPointer stringoptional

Dot-separated path to the access token in the token response body. Defaults to "access_token". Slack v2 uses "authed_user.access_token".

Openid ProviderProtocolsOpenidoptional

OpenID Connect protocol configuration

UserinfoEndpoint stringoptional

formaturi

Type ProviderTypeoptional

Accepts one of the following:

const ProviderTypeExternal ProviderType = "external"

const ProviderTypeKeycardVault ProviderType = "keycard-vault"

const ProviderTypeKeycardSts ProviderType = "keycard-sts"

Subject stringoptional

Subject identifier for the token. When null or omitted, any token from the provider is accepted without checking application-specific claims.

type Password struct{…}

Password-based application credential

Identifier string

Username for password credential, also used as OAuth 2.0 client ID

Type string

Password stringoptional

Password for credential (only returned on creation, store securely), also used as OAuth 2.0 client secret

type PublicKey struct{…}

Public key-based application credential

Identifier string

Client ID for public key credential, also used as OAuth 2.0 client ID

JwksUri string

JWKS URI to retrieve public keys from

formaturi

Type string

type URL struct{…}

URL-based application credential

Identifier string

URL of the credential (must be a valid URL)

formaturi

Type string

type Public struct{…}

Public credential (no secret storage)

Identifier string

Identifier for public credential, also used as OAuth 2.0 client ID

Type string

Update application credential

package main

import (
  "context"
  "fmt"

  "github.com/keycardai/keycard-go"
)

func main() {
  client := keycard.NewClient(

  )
  credential, err := client.Zones.ApplicationCredentials.Update(
    context.TODO(),
    "id",
    keycard.ZoneApplicationCredentialUpdateParams{
      ZoneID: "zoneId",
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", credential)
}

{
  "id": "id",
  "application_id": "application_id",
  "created_at": "2019-12-27T18:11:19.117Z",
  "organization_id": "organization_id",
  "slug": "slug",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "zone_id": "zone_id",
  "application": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "dependencies_count": 0,
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "description": "description",
    "metadata": {
      "docs_url": "https://example.com"
    },
    "protocols": {
      "oauth2": {
        "post_logout_redirect_uris": [
          "https://example.com"
        ],
        "redirect_uris": [
          "https://example.com"
        ]
      }
    }
  },
  "identifier": "identifier",
  "provider_id": "provider_id",
  "type": "token",
  "provider": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "client_id": "client_id",
    "client_secret_set": true,
    "description": "description",
    "metadata": {},
    "protocols": {
      "oauth2": {
        "issuer": "https://example.com",
        "authorization_endpoint": "https://example.com",
        "authorization_parameters": {
          "foo": "string"
        },
        "authorization_resource_enabled": true,
        "authorization_resource_parameter": "authorization_resource_parameter",
        "code_challenge_methods_supported": [
          "string"
        ],
        "jwks_uri": "https://example.com",
        "registration_endpoint": "https://example.com",
        "scope_parameter": "scope_parameter",
        "scope_separator": "scope_separator",
        "scopes_supported": [
          "string"
        ],
        "token_endpoint": "https://example.com",
        "token_response_access_token_pointer": "token_response_access_token_pointer"
      },
      "openid": {
        "userinfo_endpoint": "https://example.com"
      }
    },
    "type": "external"
  },
  "subject": "subject"
}

Returns Examples

{
  "id": "id",
  "application_id": "application_id",
  "created_at": "2019-12-27T18:11:19.117Z",
  "organization_id": "organization_id",
  "slug": "slug",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "zone_id": "zone_id",
  "application": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "dependencies_count": 0,
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "description": "description",
    "metadata": {
      "docs_url": "https://example.com"
    },
    "protocols": {
      "oauth2": {
        "post_logout_redirect_uris": [
          "https://example.com"
        ],
        "redirect_uris": [
          "https://example.com"
        ]
      }
    }
  },
  "identifier": "identifier",
  "provider_id": "provider_id",
  "type": "token",
  "provider": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "client_id": "client_id",
    "client_secret_set": true,
    "description": "description",
    "metadata": {},
    "protocols": {
      "oauth2": {
        "issuer": "https://example.com",
        "authorization_endpoint": "https://example.com",
        "authorization_parameters": {
          "foo": "string"
        },
        "authorization_resource_enabled": true,
        "authorization_resource_parameter": "authorization_resource_parameter",
        "code_challenge_methods_supported": [
          "string"
        ],
        "jwks_uri": "https://example.com",
        "registration_endpoint": "https://example.com",
        "scope_parameter": "scope_parameter",
        "scope_separator": "scope_separator",
        "scopes_supported": [
          "string"
        ],
        "token_endpoint": "https://example.com",
        "token_response_access_token_pointer": "token_response_access_token_pointer"
      },
      "openid": {
        "userinfo_endpoint": "https://example.com"
      }
    },
    "type": "external"
  },
  "subject": "subject"
}