API Reference

Zones

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Applications

List applications

zones.applications.list(strzone_id, ApplicationListParams**kwargs) -> ApplicationListResponse

GET/zones/{zoneId}/applications

Create application

zones.applications.create(strzone_id, ApplicationCreateParams**kwargs) -> Application

POST/zones/{zoneId}/applications

Get application

zones.applications.retrieve(strid, ApplicationRetrieveParams**kwargs) -> Application

GET/zones/{zoneId}/applications/{id}

Update application

zones.applications.update(strid, ApplicationUpdateParams**kwargs) -> Application

PATCH/zones/{zoneId}/applications/{id}

Delete application

zones.applications.delete(strid, ApplicationDeleteParams**kwargs)

DELETE/zones/{zoneId}/applications/{id}

List application credentials

zones.applications.list_credentials(strid, ApplicationListCredentialsParams**kwargs) -> ApplicationListCredentialsResponse

GET/zones/{zoneId}/applications/{id}/application-credentials

List application resources

zones.applications.list_resources(strid, ApplicationListResourcesParams**kwargs) -> ApplicationListResourcesResponse

GET/zones/{zoneId}/applications/{id}/resources

ModelsExpand Collapse

class Application: …

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

id: str

Unique identifier of the application

created_at: datetime

Entity creation timestamp

formatdate-time

dependencies_count: int

Number of resource dependencies

identifier: str

User specified identifier, unique within the zone

minLength1

maxLength2048

name: str

Human-readable name

minLength1

maxLength255

organization_id: str

Organization that owns this application

owner_type: Literal["platform", "customer"]

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: str

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: datetime

Entity update timestamp

formatdate-time

zone_id: str

Zone this application belongs to

description: Optional[str]

Human-readable description

maxLength2048

metadata: Optional[Metadata]

Entity metadata

docs_url: Optional[str]

Documentation URL

formaturi

maxLength2048

protocols: Optional[Protocols]

Protocol-specific configuration

oauth2: Optional[ProtocolsOauth2]

OAuth 2.0 protocol configuration

post_logout_redirect_uris: Optional[List[str]]

OAuth 2.0 post-logout redirect URIs for this application

redirect_uris: Optional[List[str]]

OAuth 2.0 redirect URIs for this application

Literal["gateway", "mcp-provider"]

Traits ascribe behaviors and characteristics to an application, which may activate trait-specific user experiences, workflows, or other system behaviors

Accepts one of the following:

"gateway"

"mcp-provider"

class Metadata: …

Entity metadata

docs_url: Optional[str]

Documentation URL

formaturi

maxLength2048

class MetadataUpdate: …

Entity metadata (set to null or {} to remove metadata)

docs_url: Optional[str]

Documentation URL (set to null to unset)

formaturi

maxLength2048

ApplicationsDependencies

List application dependencies

zones.applications.dependencies.list(strid, DependencyListParams**kwargs) -> DependencyListResponse

GET/zones/{zoneId}/applications/{id}/dependencies

Add application dependency

zones.applications.dependencies.add(strdependency_id, DependencyAddParams**kwargs)

PUT/zones/{zoneId}/applications/{id}/dependencies/{dependencyId}

Remove application dependency

zones.applications.dependencies.remove(strdependency_id, DependencyRemoveParams**kwargs)

DELETE/zones/{zoneId}/applications/{id}/dependencies/{dependencyId}

Get application dependency

zones.applications.dependencies.retrieve(strdependency_id, DependencyRetrieveParams**kwargs) -> Resource

GET/zones/{zoneId}/applications/{id}/dependencies/{dependencyId}

ModelsExpand Collapse

class Resource: …

A Resource is a system that exposes protected information or functionality. It requires authentication of the requesting actor, which may be a user or application, before allowing access.

id: str

Unique identifier of the resource

application_type: Literal["native", "web"]

The expected type of client for this credential. Native clients must use localhost URLs for redirect_uris or URIs with custom schemes. Web clients must use https URLs and must not use localhost as the hostname.

Accepts one of the following:

"native"

"web"

created_at: datetime

Entity creation timestamp

formatdate-time

identifier: str

User specified identifier, unique within the zone

minLength1

maxLength2048

name: str

Human-readable name

minLength1

maxLength255

organization_id: str

Organization that owns this resource

owner_type: Literal["platform", "customer"]

Who owns this resource. Platform-owned resources cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: str

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: datetime

Entity update timestamp

formatdate-time

zone_id: str

Zone this resource belongs to

Deprecatedapplication: Optional[Application]

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

id: str

Unique identifier of the application

created_at: datetime

Entity creation timestamp

formatdate-time

dependencies_count: int

Number of resource dependencies

identifier: str

User specified identifier, unique within the zone

minLength1

maxLength2048

name: str

Human-readable name

minLength1

maxLength255

organization_id: str

Organization that owns this application

owner_type: Literal["platform", "customer"]

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: str

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: datetime

Entity update timestamp

formatdate-time

zone_id: str

Zone this application belongs to

description: Optional[str]

Human-readable description

maxLength2048

metadata: Optional[Metadata]

Entity metadata

docs_url: Optional[str]

Documentation URL

formaturi

maxLength2048

protocols: Optional[Protocols]

Protocol-specific configuration

oauth2: Optional[ProtocolsOauth2]

OAuth 2.0 protocol configuration

post_logout_redirect_uris: Optional[List[str]]

OAuth 2.0 post-logout redirect URIs for this application

redirect_uris: Optional[List[str]]

OAuth 2.0 redirect URIs for this application

application_id: Optional[str]

ID of the application that provides this resource

Deprecatedcredential_provider: Optional[Provider]

A Provider is a system that supplies access to Resources and allows actors (Users or Applications) to authenticate.

id: str

Unique identifier of the provider

created_at: datetime

Entity creation timestamp

formatdate-time

identifier: str

User specified identifier, unique within the zone

minLength1

maxLength2048

name: str

Human-readable name

minLength1

maxLength255

organization_id: str

Organization that owns this provider

owner_type: Literal["platform", "customer"]

Who owns this provider. Platform-owned providers cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: str

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: datetime

Entity update timestamp

formatdate-time

zone_id: str

Zone this provider belongs to

client_id: Optional[str]

OAuth 2.0 client identifier

client_secret_set: Optional[bool]

Indicates whether a client secret is configured

description: Optional[str]

Human-readable description

maxLength2048

metadata: Optional[object]

Provider metadata

protocols: Optional[Protocols]

Protocol-specific configuration

oauth2: Optional[ProtocolsOauth2]

OAuth 2.0 protocol configuration

issuer: str

OIDC issuer URL used for discovery and token validation.

formaturi

authorization_endpoint: Optional[str]

formaturi

authorization_parameters: Optional[Dict[str, str]]

Custom query parameters appended to authorization redirect URLs. Use for non-standard providers (e.g. Google prompt=consent, access_type=offline).

authorization_resource_enabled: Optional[bool]

Whether to include the resource parameter in authorization requests.

authorization_resource_parameter: Optional[str]

The resource parameter value to include in authorization requests. Defaults to "resource" when authorization_resource_enabled is true.

code_challenge_methods_supported: Optional[List[str]]

jwks_uri: Optional[str]

formaturi

registration_endpoint: Optional[str]

formaturi

scope_parameter: Optional[str]

The query parameter name for scopes in authorization requests. Defaults to "scope". Slack v2 uses "user_scope".

scope_separator: Optional[str]

The separator character for scope values. Defaults to " " (space). Slack v2 uses ",".

scopes_supported: Optional[List[str]]

token_endpoint: Optional[str]

formaturi

token_response_access_token_pointer: Optional[str]

Dot-separated path to the access token in the token response body. Defaults to "access_token". Slack v2 uses "authed_user.access_token".

openid: Optional[ProtocolsOpenid]

OpenID Connect protocol configuration

userinfo_endpoint: Optional[str]

formaturi

type: Optional[Literal["external", "keycard-vault", "keycard-sts"]]

Accepts one of the following:

"external"

"keycard-vault"

"keycard-sts"

credential_provider_id: Optional[str]

ID of the credential provider for this resource

description: Optional[str]

Human-readable description

maxLength2048

metadata: Optional[Metadata]

Entity metadata

docs_url: Optional[str]

Documentation URL

formaturi

maxLength2048

scopes: Optional[List[str]]

Scopes supported by the resource

when_accessing: Optional[List[str]]

List of resource IDs that, when accessed, make this dependency available. Only present when this resource is returned as a dependency.