Connected Apps contain app-specific information, such as URLs for your app server, that are used by Auth Providers to complete logins and signups.
You may have multiple Connected Apps per Realm. This is often useful when you have multiple apps (or multiple sub-apps that all belong to a larger app) using AuthRocket in an SSO scenario.
Connected Apps were formerly called Login Policies, which is the reason for legacy references to login_policy (policies) below. Despite the legacy naming, thinking about them using the current terminology will be helpful in understanding.
Field | Value | Req/Default | Notes |
---|---|---|---|
id |
id | Auto-generated | App’s ID. Always starts with “lpl_”. Example: |
name |
string | Required | |
realm_id |
realm_id | Required | ID of Realm this App belongs to. |
subdomain |
string | Optional | Unique subdomain. Auto-generated if not provided. Becomes subdomain.region.loginrocket.com. |
domains |
string | Auto-generated | Array of domains for logins for this app. |
header |
string | Optional | HTML header for hosted login page. |
footer |
string | Optional | HTML footer for hosted login page. |
external_css |
url | Optional | URL of stylesheet for hosted login page. |
login_handler |
url | Required | URL of your app where it processes new logins coming from LoginRocket. |
signup_handler |
url | Optional | URL of your app where it processes new signup tokens coming from LoginRocket. Uses |
redirect_uris |
url | Optional | Array of URLs for use with |
request |
hash | Hash of request attributes to add to Event. See notes. |
Method | Permissions |
---|---|
List, Get | read |
Create, Update, Delete | admin_realm |
List all connected apps in the current realm.
Param | Value | Default | |
---|---|---|---|
after |
policy_id | ID of the last connected app you've seen | |
max_results |
integer | 100 |
Range: 1-100 |
sort |
id ,name |
name |
|
direction |
asc ,desc |
asc |
GET /v1/login_policies
AuthRocket::LoginPolicy.all realm_id: 'rl_0v1zTHXhtNgmDaXaDYSAqx'
Status: 200
{ "more_results" : false,
"collection" : [
{ "domains" : ["acmeapp.e1.loginrocket.com"],
"id" : "lpl_0v1zVlBN75jzposHJJuDPv",
"name" : "AcmeApp SSO",
"realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
"subdomain" : "acmeapp",
"object" : "login_policy"
}
]
}
[#<AuthRocket::LoginPolicy:0x3fc21aab662c>
id: "lpl_0v2FcFcZnv8qpG1XWoyN9P",
attribs: {
"domains"=>["acmeapp.e1.loginrocket.com"],
"name"=>"Acme App+ SSO",
"realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
"subdomain"=>"acmeapp",
"object"=>"login_policy"
},
metadata: {
"more_results"=>false
}
]
Retrieve a specific connected app within the current realm.
GET /v1/login_policies/:policy_id
AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'
Status: 200
{ "domains" : ["acmeapp.e1.loginrocket.com"],
"id" : "lpl_0v1zVlBN75jzposHJJuDPv",
"name" : "AcmeApp SSO",
"realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
"subdomain" : "acmeapp",
"object" : "login_policy",
"header" : null,
"footer" : null,
"external_css" : null,
"login_handler" : "https://example.com/login",
"signup_handler" : "https://example.com/signup"
}
#<AuthRocket::LoginPolicy:0x3fc21aab662c>
id: "lpl_0v2FcFcZnv8qpG1XWoyN9P",
attribs: {
"domains"=>["acmeapp.e1.loginrocket.com"],
"name"=>"Acme App+ SSO",
"realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
"subdomain"=>"acmeapp",
"object"=>"login_policy",
"header"=>nil,
"footer"=>nil,
"external_css"=>nil,
"login_handler"=>"https://example.com/login",
"signup_handler"=>"https://example.com/signup"
}
Create a new connected app.
POST /v1/login_policies
{ "login_policy" :
{ "name" : "AcmeApp SSO",
"login_handler" : "https://example.com/login",
"realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx"
}
}
app = AuthRocket::LoginPolicy.create(
name: "AcmeApp SSO",
login_handler: "https://example.com/login",
realm_id: "rl_0v1zTHXhtNgmDaXaDYSAqx"
)
Status: 201, with same body as Get a Connected App.
On success, returns same object as Get a Connected App.
On failure, returns an object without an id, but with errors:
# => #<AuthRocket::LoginPolicy:0x3fde5fa18df8> id: nil, ...
app.errors?
# => true
app.valid?
# => false
app.errors
# => ["Name can't be blank"]
Triggers a login_policy.created
event.
Update a connected app’s attributes. Only provided attributes are changed.
PUT /v1/login_policies/:policy_id
{ "login_policy" :
{ "name" : "Acme App+ SSO"
}
}
app=AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'
app.save name: 'Widgets, Inc.'
Status: 200, with same body as Get a Connected App.
On success, returns same object as Get a Connected App.
On failure, returns false:
# => false
app.errors
# => ["Name can't be blank"]
Triggers a login_policy.updated
event.
Deletes a connected app and associated domains.
DELETE /v1/login_policies/:policy_id
app=AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'
app.delete
Triggers a login_policy.deleted
event.
Questions? Find a Typo? Get in touch.