Applications
Applications hold API keys used for tokenization and (optionally) provisioning. Management endpoints require a JWT; the verify-key endpoint uses the API key itself.Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /api/applications | Create application (returns API key once) |
| GET | /api/applications | List applications |
| GET | /api/applications/{id} | Get application details |
| PUT | /api/applications/{application_id} | Update application (body: name, permissions) |
| DELETE | /api/applications/{id} | Delete application |
| GET | /api/applications/key | Verify API key (see Verify API Key) |
POST /api/applications
Auth: JWT with admin or owner role. Request body:| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Application name (3–50 characters) |
permissions.tokenization.allowed | boolean | Yes | Allow tokenize, detokenize, proxy |
permissions.provisioning.allowed | boolean | No | Allow creating sub-projects (default: false) |
data includes id, name, api_key (shown only once — store it securely), permissions, created_at.
Permissions
- tokenization — Create tokens, detokenize, use proxy, test tokens.
- provisioning — Call
/internal/provisionto create sub-projects.