Dfns API Documentation
  • 👋Welcome
  • Getting Started
    • Onboarding to Dfns
    • Dfns Environments
    • Core API Objects
    • Supported Assets
    • Postman
    • Dfns SDKs
    • Dashboard Videos
  • API Docs
    • Introduction
    • Authentication
      • Delegated Authentication
        • Delegated Registration
        • Delegated Registration Restart
        • Delegated Login
      • User Action Signing
        • Create User Action Signature Challenge
        • Create User Action Signature
      • Registration
        • Create User Registration Challenge
        • Complete User Registration
        • Complete End User Registration with Wallets
        • Resend Registration Code
        • Social Registration
      • Login
        • Create User Login Challenge
        • Complete User Login
        • Social Login
        • Logout
        • Send Login Code
      • Users
        • List Users
        • Create User
        • Get User
        • Activate User
        • Deactivate User
        • Archive User
      • Service Accounts
        • List Service Accounts
        • Create Service Account
        • Get Service Account
        • Update Service Account
        • Activate Service Account
        • Deactivate Service Account
        • Archive Service Account
      • Applications
        • List Applications
        • Create Application
        • Create Server-Signed Application
        • Get Application
        • Update Application
        • Activate Application
        • Deactivate Application
        • Archive Application
      • Personal Access Tokens
        • List Personal Access Tokens
        • Create Personal Access Token
        • Get Personal Access Token
        • Update Personal Access Token
        • Activate Personal Access Token
        • Deactivate Personal Access Token
        • Archive Personal Access Token
      • Credentials
        • Credentials Overview
        • API Reference
          • Create Credential Code
          • Create Credential Challenge
          • Create Credential Challenge With Code
          • Create Credential
          • Create Credential With Code
          • Deactivate Credential
          • Activate Credential
          • List Credentials
      • Recovery
        • Send Recovery Code Email
        • Create Recovery Challenge
        • Create Delegated Recovery Challenge
        • Recover User
    • Wallets
      • Create Wallet
      • Update Wallet
      • [deprecated] Delegate Wallet
      • Get Wallet by ID
      • List Wallets
      • Get Wallet Assets
      • Get Wallet NFTs
      • Get Wallet History
      • Tag Wallet
      • Untag Wallet
      • Transfer Asset
      • Get Transfer Request by ID
      • List Transfer Requests
      • Sign and Broadcast Transaction
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Cardano
        • EVM
        • Solana
        • Stellar
        • Tezos
        • TRON
        • XRP Ledger (Ripple)
      • Get Transaction Request by ID
      • List Transaction Requests
      • [deprecated] Generate Signature
      • Advanced Wallet APIs
        • Import Wallet
        • [deprecated] Export Wallet
    • Fee Sponsors
      • Create Fee Sponsor
      • Get Fee Sponsor
      • List Fee Sponsors
      • Activate Fee Sponsor
      • Deactivate Fee Sponsor
      • Delete Fee Sponsor
      • List Sponsored Fees
    • Keys
      • Create Key
      • Update Key
      • Delegate Key
      • Get Key by ID
      • List Keys
      • Generate Signature
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Cardano
        • Cosmos Appchain
        • EVM
        • Solana
        • Stellar
        • Substrate (Polkadot)
        • Tezos
        • TON
        • TRON
        • XRP Ledger (Ripple)
      • Get Signature Request by ID
      • List Signature Requests
      • Advanced Key APIs
        • Import Key
        • Export Key
    • Networks
      • Estimate fees
      • Read Contract
    • Policy Engine
      • Policies Overview
      • API Reference
        • Create Policy
        • Get Policy
        • List Policies
        • Update Policy
        • Archive Policy
        • Get Approval
        • List Approvals
        • Create Approval Decision
    • Permissions
      • Permissions Overview
      • API Reference
        • Get Permission
        • List Permissions
        • Create Permission
        • Update Permission
        • Archive Permission
        • Assign Permission
        • Revoke Permission
        • List Permission Assignments
    • Webhooks
      • Create Webhook
      • Get Webhook
      • List Webhooks
      • Update Webhook
      • Delete Webhook
      • Ping Webhook
      • Get Webhook Event
      • List Webhook Events
    • Dfns Change Log
    • API Errors
  • Integrations
    • Exchanges
      • Exchange Configuration
        • Kraken Setup
        • Binance Setup
        • Coinbase Prime Setup
      • API Reference
        • Create Exchange
        • List Exchanges
        • Get Exchange
        • Delete Exchange
        • List Exchange Accounts
        • List Exchange Account Assets
        • Create Exchange Deposit
        • Create Exchange Withdrawal
    • AML / KYT
      • Chainalysis
    • Staking
      • API Reference
        • Create Stake
        • Create Stake Action
        • List Stakes
        • List Stake Actions
        • get Rewards
    • Fiat On/Off-Ramps
    • Account Abstraction on EVMs
  • Advanced Topics
    • Authentication
      • API Authentication
      • Request Headers
      • Credentials
        • Generate a Key Pair
        • User Credentials
        • Access Token Credentials
        • Storing WebAuthn Credentials in Password Managers
      • Request Signing
      • API objects
    • Delegated Signing
    • API Idempotency
    • FAQ
  • Guides
    • Passkey Settings - Migration guide
Powered by GitBook
On this page
  • Required Permissions
  • Request Body
  • Example
  • Responses
  1. API Docs
  2. Authentication
  3. Applications

Create Server-Signed Application

Last updated 1 year ago

POST /auth/apps

Create a new Server-Signed application in the caller's org. This is only required when you must add additional authentication to the request from the server side. We strongly recommend unless you have an explicit need for server authentication as this adds additional complexity to the configuration.

  • User action signature required. See for more information.

  • Request headers required. See for more information.

  • Authentication required. See for more information.

Required Permissions

Name
Conditions

Auth:Apps:Create

Always Required

Auth:Types:Application

Always Required

Request Body

name *

String

the name of the application, must be unique within the caller's org

relyingPartyId *

String

the top level domain where the application will be hosted, for example: dfns.io

origin *

String

the url of the application, for example: https://api.dfns.io

kind *

String

the kind of application being created, must be ServerSideApplication

publicKey *

String

the public key that can be used to validate signatures generated by the application

daysValid

Integer

Optional number of days the application's token will be valid. Default is 730. Max is 730

permissionId

String

Optional ID of the permission that will be assigned to the application. If no permission ID is given, the application will be assigned the same permissions as the caller

externalId

String

Optional user defined value that can be used to correlate the entity with an external system

Example

{
  "name": "MyApp Production",
  "relyingPartyId": "https://myapp.example.co",
  "origin": "example.co",
  "kind": "ServerSideApplication",
  "permissionId": "pm-delaw-avoca-v16r37fpp8koqebc",
  "daysValid": 720,
  "publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4juWLl9qYQRlkj0XGsSx\naQGe0hjOiXOMRHQpUWGWu/kM6rdiLbsHN+muXHl/kmFu8Hd+eTzPNVgfGREobvgI\nv/jIf2edTcOLGCNY9DDjxuezilKAzvxnckAg1RkaQuDoWBjtECl/QFwZbskE4Vy3\nMP6b5ynTZzIcdkQ443GPzylcZc3bu7hVsUKTSpI1jioVPOMcc4+ntgVMA42nhzuo\n1sMcU6sDQuBE4PCCuZXvcupBwPrOQDwLgNcvIZihn4OrHCAVWQpedruIKB6pmpRF\nfBOrs1Gco2nE85ABpC3LxMu5NahyotA5S4pxqo97Pf+FMCVOeZxUpDBvsS5bSCg+\nDwIDAQAB\n-----END PUBLIC KEY-----"
}

Responses

Success - The newly created application

{
  "appId": "ap-4s6se-e2t7n-89gfg50iaos73pm6",
  "kind": "ServerSideApplication",
  "orgId": "or-yanke-mars-6ulofamogg8fs87v",
  "expectedRpId": "localhost",
  "name": "Localhost Server-Side App",
  "isActive": true,
  "expectedOrigin": "http://localhost:3000",
  "permissionAssignments": [],
  "accessTokens": [
    {
      "accessToken": "eyJ0eXAi...pm4Rq5mCmlC5GcoHpA",
      "dateCreated": "2023-04-11T16:38:55.098Z",
      "credId": "Y2ktMmNkcXMscDl5cjktOXBvYnB1bWo4anZnY2h2bA",
      "isActive": true,
      "kind": "Application",
      "linkedUserId": "",
      "linkedAppId": "ap-4s6se-e2t7n-89gfg50iaos73pm6",
      "name": "Localhost Server-Side App",
      "orgId": "or-yanke-mars-6ulofamogg8fs87v",
      "permissionAssignments": [],
      "publicKey": "SHA256:lH6mAX/74SbWzSjwNBFapwJsUdccVQzA8yj7K8/R5eo",
      "tokenId": "to-3oona-vc575-9ueb17f2t4uq0m9b"
    }
  ]
}

See for common errors.

See for application management specific errors.

creating a default application
User Action Signing
Request Headers
Authentication Headers
Common Errors
Application Management Errors