Get application list

Available in Classic and VPC

Get the application list.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
GET	/api/v1/applications

Request headers

For information about the headers common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On request headers.

Request query parameters

You can use the following query parameters with your request:

Field	Type	Required	Description
`searchColumn`	String	Conditional	Search column `applicationId` \| `applicationName` `applicationId`: application ID `applicationName`: application name
`searchWord`	String	Optional	Search keyword If you enter a value that does not match in whole or in part with the search column options (`applicationId`, `applicationName`), `items` is displayed as an empty value `[]` in the response. If you request without `searchColumn`, the entire list is displayed.
`page`	Integer	Optional	Page number 0-N (default: 0)
`size`	Integer	Optional	Page output count 1-N (default: 20)

Request example

The request example is as follows:

curl --location --request GET 'https://sso.apigw.ntruss.com/api/v1/applications?searchColumn=applicationName&searchWord=application&page=0&size=20' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`page`	Number	-	Page number
`totalPages`	Number	-	Total number of pages
`totalItems`	Number	-	Number of response results
`isFirst`	Boolean	-	Whether it is the first page `true` \| `false` `true`: first page `false`: not a first page
`isLast`	Boolean	-	Whether it is the last page `true` \| `false` `true`: last page `false`: not a last page
`hasPrevious`	Boolean	-	Whether previous page exists `true` \| `false` `true`: It exists. `false`: It doesn't exist.
`hasNext`	Boolean	-	Whether next page exists `true` \| `false` `true`: It exists. `false`: It doesn't exist.
`items`	Array	-	Application list: items

`items`

The following describes items.

Field	Type	Required	Description
`applicationId`	String	-	Application ID
`name`	String	-	Application name
`description`	String	-	Application description
`applicationUrl`	String	-	Application URL
`applicationType`	String	-	Application type `web` \| `app` `web`: web `app`: app
`mbrLoginAllow`	String	-	Whether to allow main account login `ALLOW` \| `DENY` `ALLOW`: allow `DENY`: deny
`createdAt`	String	-	Application creation date and time ISO 8601 format OAuth 2.0
`updatedAt`	String	-	Application modification date and time ISO 8601 format OAuth 2.0
`clientId`	String	-	Application client ID OAuth 2.0
`clientAuthMethod`	String	-	Application authentication method `client_secret_basic` \| `client_secret_post` \| `none` `client_secret_basic`: Client credentials are passed as HTTP basic authentication header. `client_secret_post`: Client ID and secret are included in the POST request body. `none`: no authentication OAuth 2.0
`redirectUris`	Array	-	Application redirection URI list OAuth 2.0
`accessType`	String	-	Application access method `confidential` \| `public` `confidential`: Access after authentication with client ID and secret. `public`: Access after authentication with client ID. OAuth 2.0
`grantTypes`	Array	-	Authorization method `authorization_code` \| `refresh_token` \| `implicit` `authorization_code`: Issue access token with self-generated authorization code. `refresh_token`: Issue new access token without re-login after the access token expires. `implicit`: Issue access token directly without authorization code. It is optimized for client environments where it is difficult to securely store credentials. OAuth 2.0
`scopes`	Array	-	Application accessible information range `profile` \| `openid` \| `groups` \| `email` `profile`: account type, login ID, unique member identifier, username `openid`: account type, login ID, unique member identifier, username `groups`: account type, login ID, unique member identifier, username, group `email`: account type, login ID, unique member identifier, username, email OAuth 2.0
`accessTokenValidity`	Number	-	Access token validity time (second) OAuth 2.0
`refreshTokenValidity`	Number	-	Refresh token validity time (second) OAuth 2.0
`protocol`	String	-	Application authentication protocol `OAUTH2`: OAuth 2.0 (valid value)

Response status codes

For information about the response status codes common to all Ncloud Single Sign-On APIs, see Ncloud Single Sign-On response status codes.

Response example

The response example is as follows:

{
    "page" : 0,
    "totalPages" : 1,
    "totalItems" : 1,
    "isFirst" : true,
    "isLast" : true,
    "hasPrevious" : false,
    "hasNext" : false,
    "items" : [
        {
            "applicationId" : "88d2009c-****-****-****-59bf9afd5695",
            "name" : "application000",
            "description" : "aplication000 description",
            "applicationUrl" : "http://****.com",
            "applicationType" : "web",
            "mbrLoginAllow" : "ALLOW",
            "createdAt" : "2025-01-17T05:09:54Z",
            "updatedAt" : "2025-01-17T05:09:54Z",
            "clientId" : "88d2009c-****-****-****-59bf9afd5695",
            "clientAuthMethod" : "client_secret_basic",
            "redirectUris" : [
                "http://****.com"
            ],
            "accessType" : "confidential",
            "grantTypes" : [
                "authorization_code",
                "refresh_token"
            ],
            "scopes" : [
                "profile"
            ],
            "accessTokenValidity" : 43200,
            "refreshTokenValidity" : 2592000,
            "protocol" : "OAUTH2"
        }
    ]
}