Creating an Application Instance
Function
This API is used to create an application instance. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
URI
POST /v1/instances/{instance_id}/application-instances
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
instance_id |
Yes |
String |
Globally unique ID of an IAM Identity Center instance. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Security-Token |
No |
String |
Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
name |
Yes |
String |
Application instance UUID. |
|
template_id |
Yes |
String |
Application template ID. |
Response Parameters
Status code: 201
|
Parameter |
Type |
Description |
|---|---|---|
|
application_instance |
ApplicationInstanceDto object |
Application instance. |
|
Parameter |
Type |
Description |
|---|---|---|
|
active_certificate |
CertificateDto object |
Activated certificates. |
|
display |
DisplayDto object |
Display information of an application. |
|
identity_provider_config |
IdentityProviderConfigDto object |
Identity provider configuration. |
|
application_instance_id |
String |
Unique ID of an application instance. |
|
name |
String |
Application UUID. |
|
visible |
Boolean |
Whether an application is visible on the user portal. |
|
response_config |
ResponseConfigDto object |
Application attribute configuration. |
|
response_schema_config |
ResponseSchemaConfigDto object |
Configuration for application schema attribute mapping. |
|
security_config |
SecurityConfigDto object |
Certificate configuration. |
|
status |
String |
Application instance status. |
|
template |
ApplicationTemplateDto object |
Information about the template that an application depends on. |
|
service_provider_config |
ServiceProviderConfigDto object |
Service provider configuration. |
|
client_id |
String |
OIDC client ID. |
|
end_user_visible |
Boolean |
Visible to users or not. |
|
managed_account |
String |
Account ID of a group member. |
|
Parameter |
Type |
Description |
|---|---|---|
|
algorithm |
String |
Certificate generation algorithm. |
|
certificate |
String |
Application certificate. |
|
certificate_id |
String |
Application certificate ID. |
|
expiry_date |
Long |
Certificate expiration time. |
|
status |
String |
Certificate status. |
|
key_size |
String |
Key size. |
|
issue_date |
Long |
Certificate generation time. |
|
Parameter |
Type |
Description |
|---|---|---|
|
issuer_url |
String |
Identity provider issuer. |
|
metadata_url |
String |
Identity provider metadata. |
|
remote_login_url |
String |
Remote login link of an identity provider. |
|
remote_logout_url |
String |
Remote logout link of an identity provider. |
|
Parameter |
Type |
Description |
|---|---|---|
|
application |
Display information of an application template. |
|
|
response_config |
ResponseConfigDto object |
Application attribute configuration. |
|
response_schema_config |
ResponseSchemaConfigDto object |
Mapping configuration of application attributes. |
|
sso_protocol |
String |
Supported protocols. |
|
security_config |
SecurityConfigDto object |
Certificate configuration. |
|
service_provider_config |
ServiceProviderConfigDto object |
Service provider configuration. |
|
template_id |
String |
Unique ID of an application template. |
|
template_version |
String |
Application template version. |
|
Parameter |
Type |
Description |
|---|---|---|
|
application_id |
String |
Application ID. Its prefix is app-. |
|
display |
DisplayDto object |
Display information of an application. |
|
application_type |
String |
Application type. |
|
Parameter |
Type |
Description |
|---|---|---|
|
description |
String |
Application description. |
|
display_name |
String |
Application display name. |
|
icon |
String |
Application icon. |
|
Parameter |
Type |
Description |
|---|---|---|
|
properties |
Map<String,ResponseSourceDetailsDto> |
Additional configuration for attribute mapping. |
|
subject |
ResponseSourceDetailsDto object |
Subject attribute mapping configuration. |
|
relay_state |
String |
Relay state. |
|
ttl |
String |
Session expiration time. |
|
Parameter |
Type |
Description |
|---|---|---|
|
source |
Array of strings |
Attribute mapping value. |
|
Parameter |
Type |
Description |
|---|---|---|
|
properties |
Map<String,ResponseSchemaPropertiesDetailsDto> |
Additional schema configuration for attribute mapping. |
|
subject |
Schema configuration for subject attribute mapping. |
|
|
supported_name_id_formats |
Array of strings |
Subject NameID format supported by an application. |
|
Parameter |
Type |
Description |
|---|---|---|
|
attr_name_format |
String |
Additional attribute format. |
|
include |
String |
Whether additional attributes are included. |
|
Parameter |
Type |
Description |
|---|---|---|
|
name_id_format |
String |
NameID format. |
|
include |
String |
Whether NameID is included. |
|
Parameter |
Type |
Description |
|---|---|---|
|
audience |
String |
SAML audience. |
|
require_request_signature |
Boolean |
Whether a signature is required. |
|
consumers |
Array of ConsumersDto objects |
SAML response recipient. |
|
start_url |
String |
Application startup URL. |
|
Parameter |
Type |
Description |
|---|---|---|
|
binding |
String |
SAML transmission protocol. |
|
default_value |
Boolean |
Whether it is the default recipient. |
|
location |
String |
SAML ACS URL. |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
Status code: 409
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
Example Request
Creating an application instance
POST https://{hostname}/v1/instances/{instance_id}/application-instances
{
"name" : "a689ebed-1b68-44b0-af97-xxxxx",
"template_id" : "tpl-88f215b39bfcxxxx"
}
Example Response
Status code: 201
Successful
{
"application_instance" : {
"active_certificate" : {
"algorithm" : "SHA256withRSA",
"certificate" : "certificate",
"certificate_id" : "cer-ea56cf20-4ec3-445a-883f-eb70f35fe7d1",
"expiry_date" : 1911427200000,
"status" : "ACTIVE",
"key_size" : "3072",
"issue_date" : 1753695145064
},
"display" : {
"description" : "Custom SAML 2.0 application",
"display_name" : "Custom SAML 2.0 application",
"icon" : ""
},
"identity_provider_config" : {
"issuer_url" : "https://idcenter.ulanqab.huawei.com/v1/saml/assertion/OGMxZWVmM2EyNDE5NDVmNjljM2QzYTZiMDI1MmU3ODNfZC05NDE0MDdiNGIzX2FwcC1pbnMtYTAzM2M5MDcwMTZhNTlhZQ==",
"metadata_url" : "https://idcenter.ulanqab.huawei.com/v1/saml/metadata/OGMxZWVmM2EyNDE5NDVmNjljM2QzYTZiMDI1MmU3ODNfZC05NDE0MDdiNGIzX2FwcC1pbnMtYTAzM2M5MDcwMTZhNTlhZQ==",
"remote_login_url" : "https://idcenter.ulanqab.huawei.com/v1/saml/assertion/OGMxZWVmM2EyNDE5NDVmNjljM2QzYTZiMDI1MmU3ODNfZC05NDE0MDdiNGIzX2FwcC1pbnMtYTAzM2M5MDcwMTZhNTlhZQ==",
"remote_logout_url" : "https://idcenter.ulanqab.huawei.com/v1/saml/logout/OGMxZWVmM2EyNDE5NDVmNjljM2QzYTZiMDI1MmU3ODNfZC05NDE0MDdiNGIzX2FwcC1pbnMtYTAzM2M5MDcwMTZhNTlhZQ=="
},
"application_instance_id" : "app-ins-a033c907016a59ae",
"name" : "a689ebed-1b68-44b0-af97-0be880c30127",
"visible" : true,
"response_config" : {
"properties" : { },
"subject" : null,
"relay_state" : null,
"ttl" : "PT1H"
},
"response_schema_config" : {
"properties" : { },
"subject" : null,
"supported_name_id_formats" : null
},
"security_config" : {
"ttl" : "P5Y"
},
"status" : "CREATED",
"template" : {
"application" : {
"application_id" : "app-ff1258a63a4axxxx",
"display" : {
"description" : "Custom SAML 2.0 application",
"display_name" : "Custom SAML 2.0 application",
"icon" : ""
},
"application_type" : ""
},
"response_config" : {
"properties" : { },
"subject" : null,
"relay_state" : null,
"ttl" : "PT1H"
},
"response_schema_config" : {
"properties" : { },
"subject" : null,
"supported_name_id_formats" : null
},
"sso_protocol" : "SAML",
"security_config" : {
"ttl" : null
},
"service_provider_config" : {
"audience" : null,
"require_request_signature" : false,
"consumers" : null,
"start_url" : null
},
"template_id" : "tpl-88f215b39bfc7575",
"template_version" : "1"
},
"service_provider_config" : {
"audience" : null,
"require_request_signature" : false,
"consumers" : null,
"start_url" : null
},
"client_id" : null,
"end_user_visible" : null,
"managed_account" : "8c1eef3a241945f69c3d3a6b0252e783"
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
201 |
Successful. |
|
400 |
Bad request. |
|
403 |
Forbidden. |
|
409 |
Conflict. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
