List clients
Returns a list of registered OAuth clients. Hidden clients are excluded from the results.
Client name
Client name. Search for results that contain the specified characters in this parameter.
Client description. Search for results that contain the specified characters in this parameter.
Sorting options
Offset
Limit
With parameters
Determines the detail level of the response body.
Returns a paginated list of OAuth client records.
Unique Client identifier
Display name of the client application
Human-readable description of the client application and its purpose
Redirect URL of this client
API entities which this client can access
Flags for Client. e.g. NO_CONSENT:1, DISABLED:2, HIDDEN:4, NO_EXPIRY_TOKEN :8
Oauth flow for this client.
e.g. AUTH_CODE:1, CLIENT_CREDENTIAL:2, SIGNATURE:4, REFRESH_TOKEN:8
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
List of applications on the device that the client can call out to
Indicates whether a PIN should be requested of the user using this client
Time out for pin of client in minutes
Max attempts that user can try to enter PIN before wipe occurs
Client Type. e.g. ACCELLION:1, MOBILE:2, OUTLOOK:4, SYNC:8, IMPORTED:32
Indicates whether touch Id is enabled
Indicates whether clipboard is enabled
Indicates whether auto update is enabled
Installer information for the client
Indicates whether the external email matches a Kiteworks email
Minimum API version required by this client to operate correctly
HATEOAS links associated with the entity
Total number of items available.
Maximum number of items returned per page.
Number of items skipped before the current page.
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/clients" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/clients"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Create a client
Creates a new OAuth client (e.g. a custom mobile app). The response includes the plain-text client_secret, which is only returned once at creation time and cannot be retrieved again.
If set to true, returns information about the newly created entity.
Determines the detail level of the response body.
Display name of the client application
Human-readable description of the client application and its purpose
Where the server send the code that client can redeem access token.
e.g. https://HOST/rest/callback.html
API entities which this client can access
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
Indicates whether HATEOAS links should be included in the response
Returns the newly created client record, including the plain-text client_secret.
Unique Client identifier
Display name of the client application
Human-readable description of the client application and its purpose
Redirect URL of this client
API entities which this client can access
Flags for Client. e.g. NO_CONSENT:1, DISABLED:2, HIDDEN:4, NO_EXPIRY_TOKEN :8
Oauth flow for this client.
e.g. AUTH_CODE:1, CLIENT_CREDENTIAL:2, SIGNATURE:4, REFRESH_TOKEN:8
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
List of applications on the device that the client can call out to
Indicates whether a PIN should be requested of the user using this client
Time out for pin of client in minutes
Max attempts that user can try to enter PIN before wipe occurs
Client Type. e.g. ACCELLION:1, MOBILE:2, OUTLOOK:4, SYNC:8, IMPORTED:32
Indicates whether touch Id is enabled
Indicates whether clipboard is enabled
Indicates whether auto update is enabled
Installer information for the client
Indicates whether the external email matches a Kiteworks email
Minimum API version required by this client to operate correctly
HATEOAS links associated with the entity
Plain-text client secret returned only at creation time
Conflict
Possible error codes: ERR_ENTITY_EXISTS
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED, ERR_INPUT_NOT_INTEGER, ERR_INPUT_MIN_VALUE
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/clients" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "string",
"description": "string",
"redirectUri": "string",
"scope": "string",
"signatureKey": "string",
"accessTokenLifetime": 1
}'import requests
url = "https://{instance}.kiteworks.com/rest/clients"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"name": "string",
"description": "string",
"redirectUri": "string",
"scope": "string",
"signatureKey": "string",
"accessTokenLifetime": 1
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Get current client
Returns the settings of the OAuth client used to make the current request (e.g. pin timeout, token lifetime).
Returns the OAuth client record for the client making the request.
Unique Client identifier
Display name of the client application
Human-readable description of the client application and its purpose
Redirect URL of this client
API entities which this client can access
Flags for Client. e.g. NO_CONSENT:1, DISABLED:2, HIDDEN:4, NO_EXPIRY_TOKEN :8
Oauth flow for this client.
e.g. AUTH_CODE:1, CLIENT_CREDENTIAL:2, SIGNATURE:4, REFRESH_TOKEN:8
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
List of applications on the device that the client can call out to
Indicates whether a PIN should be requested of the user using this client
Time out for pin of client in minutes
Max attempts that user can try to enter PIN before wipe occurs
Client Type. e.g. ACCELLION:1, MOBILE:2, OUTLOOK:4, SYNC:8, IMPORTED:32
Indicates whether touch Id is enabled
Indicates whether clipboard is enabled
Indicates whether auto update is enabled
Installer information for the client
Indicates whether the external email matches a Kiteworks email
Minimum API version required by this client to operate correctly
HATEOAS links associated with the entity
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/clients/me" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/clients/me"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Get a client
Returns the settings for the specified OAuth client (e.g. an iOS mobile app), including token lifetimes, PIN policy, scope, and OAuth flow configuration.
The unique identifier of the client.
Returns the OAuth client record.
Unique Client identifier
Display name of the client application
Human-readable description of the client application and its purpose
Redirect URL of this client
API entities which this client can access
Flags for Client. e.g. NO_CONSENT:1, DISABLED:2, HIDDEN:4, NO_EXPIRY_TOKEN :8
Oauth flow for this client.
e.g. AUTH_CODE:1, CLIENT_CREDENTIAL:2, SIGNATURE:4, REFRESH_TOKEN:8
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
List of applications on the device that the client can call out to
Indicates whether a PIN should be requested of the user using this client
Time out for pin of client in minutes
Max attempts that user can try to enter PIN before wipe occurs
Client Type. e.g. ACCELLION:1, MOBILE:2, OUTLOOK:4, SYNC:8, IMPORTED:32
Indicates whether touch Id is enabled
Indicates whether clipboard is enabled
Indicates whether auto update is enabled
Installer information for the client
Indicates whether the external email matches a Kiteworks email
Minimum API version required by this client to operate correctly
HATEOAS links associated with the entity
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/clients/:id" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # The unique identifier of the client.
url = f"https://{{instance}}.kiteworks.com/rest/clients/{id}"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Update a client
Updates the settings for the specified OAuth client. The fields available for update depend on the client type: custom clients support name, description, redirectUri, accessTokenLifetime, refreshTokenLifetime, scope, and signatureKey; built-in clients support only accessTokenLifetime and refreshTokenLifetime.
ID of the client to be updated
Display name of the client application
Human-readable description of the client application and its purpose
Where the server send the code that client can redeem access token.
e.g. https://HOST/rest/callback.html
API entities which this client can access
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
Indicates whether HATEOAS links should be included in the response
Returns the updated OAuth client record.
Unique Client identifier
Display name of the client application
Human-readable description of the client application and its purpose
Redirect URL of this client
API entities which this client can access
Flags for Client. e.g. NO_CONSENT:1, DISABLED:2, HIDDEN:4, NO_EXPIRY_TOKEN :8
Oauth flow for this client.
e.g. AUTH_CODE:1, CLIENT_CREDENTIAL:2, SIGNATURE:4, REFRESH_TOKEN:8
Secret key used to sign requests made by this client
Life time for access token of client in hours. e.g. 5=5 hours
Life time for refresh token of client in hours
List of applications on the device that the client can call out to
Indicates whether a PIN should be requested of the user using this client
Time out for pin of client in minutes
Max attempts that user can try to enter PIN before wipe occurs
Client Type. e.g. ACCELLION:1, MOBILE:2, OUTLOOK:4, SYNC:8, IMPORTED:32
Indicates whether touch Id is enabled
Indicates whether clipboard is enabled
Indicates whether auto update is enabled
Installer information for the client
Indicates whether the external email matches a Kiteworks email
Minimum API version required by this client to operate correctly
HATEOAS links associated with the entity
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/clients/:id" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "string",
"description": "string",
"redirectUri": "string",
"scope": "string",
"signatureKey": "string",
"accessTokenLifetime": 1
}'import requests
id = "VALUE" # ID of the client to be updated
url = f"https://{{instance}}.kiteworks.com/rest/clients/{id}"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"name": "string",
"description": "string",
"redirectUri": "string",
"scope": "string",
"signatureKey": "string",
"accessTokenLifetime": 1
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())Delete a client
Deletes the specified OAuth client. Built-in system clients cannot be deleted.
ID of the client to be deleted
The client was successfully deleted. Returns no content.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X DELETE \
"https://{instance}.kiteworks.com/rest/clients/:id" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # ID of the client to be deleted
url = f"https://{{instance}}.kiteworks.com/rest/clients/{id}"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())List scopes of a client
Returns the list of API resource scopes the specified client is authorized to access, such as folders, files, members, and comments.
ID of the client whose scopes to be retrieved
Determines the detail level of the response body.
Client scopes retrieved successfully.
List of API resource scope strings the client is authorized to access (e.g. 'folders/', 'files/').
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/clients/:id/scopes" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # ID of the client whose scopes to be retrieved
url = f"https://{{instance}}.kiteworks.com/rest/clients/{id}/scopes"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())