API Reference

Creates an app

post
https://api.vcita.biz/platform/v1/apps

Overview

Create a new app.

Available for Directory and internal Tokens.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Body Params
string
required

The app's unique code name. This will be used as the app's id for APIs.

Validation:

  • Must contain only alphanumeric characters (a-z, A-Z, 0-9)
  • No spaces, underscores, hyphens, or special characters allowed
  • Must be unique across the entire system - duplicate app_code_names will be rejected
app_type
array of strings

Define a list of integration points the app implements. Valid values are: payments, wallets, communication, menu_items, docuforms, import_clients, automated_flows, signatures, onboarding_wizard, notifications. More information can be found in the guides section of the developer hub

app_type
string
required

The app's main landing page. The platform will use this URI when opening the app's iframe.

string

Whether application can skip the user consent screen (true/false). When set to true, users will not see the authorization consent screen when installing or accessing the app.

url_params
array of strings

Parameters that will be passed to the app in the app's iframe query string. Valid values are: impersonate, business_uid, staff_role, staff_uid, payment_permissions, language, package, brand_host

url_params
menu_items
object

When app is installed, these items will be added to the left sidebar menu. If not provided, the app will not be displayed in the left sidebar menu. app_type must include 'menu_items' to use this property.

boolean

Whether the app will be opened in a new tab or as an iframe

boolean
Defaults to false

Whether the app will be opened in a full screen mode, taking over the page header but leaving the sidebar and topbar visible

string

[App Market] The app's name as it will be displayed in the app market. Must be 3 to 25 chars long. If translations are required, use the app translations API

description
object

[App Market] The app's description. This is displayed in the app info page in the app market.

app_features
array of strings

[App Market] A list of the app's features. Will be displayed to the user in the app info page in the app market. Max 10 features. Max feature length is 500 chars.

app_features
string

[App Market] Links to app screenshots or demo videos. Displayed on the desktop App info page in the app market. Each asset must be 608 × 272 px. Supported formats: GIF, PNG, JPEG, MJPEG, SVG, MP4, WebM, OGV.

string

[App Market] Links to app screenshots or demo videos. Displayed on the mobile App info page in the app market. Each asset must be 608 × 272 px. Supported formats: GIF, PNG, JPEG, MJPEG, SVG, MP4, WebM, OGV.

string

[App Market] Link to the app's contact support page. This is displayed in the app info page in the app market.

locales
array of strings

[App Market] Locales supported by the app in the app market. If supplied it will be shown for the users in the app market. Valid values are: 'en', 'he', 'es', 'pl', 'fr', 'it', 'pt', 'de', 'nl', 'en-GB', 'zh-SG', 'keys', 'pseudo'

locales
payment_data
object

[App Market] Payment data for the app. Will be displayed in the app info page

string

[App Market] A link to the apps privacy policy. This is displayed in the app info page in the app market.

boolean

[App Market] Use to determine if each staff needs to connect separately to the app.

supported_countries
array of strings

Countries in which the app will be available. Use full country names (e.g., 'United States', 'United Kingdom', 'Israel'), not ISO codes. Use an empty array for all countries.

supported_countries
string

[Internal use only] The URL of the application API. This is required for apps that implement integration points like Calendar. This is mainly for internal use. For further details contact the support team.

string

[Internal use only] The layer of the application. Valid values are: cores, connectors, integrations, widgets, boards. This is mainly for internal use. For further details contact the support team.

deep_link
object

[Internal use only] The deep link to an inner product page. This is not made for third-party apps, but for apps that open as part of the product. Made for internal developer use only.

scopes
array of strings

[Internal use only] OAuth scopes this app can request. Valid scope formats: openid (for OpenID Connect), or context-based scopes like business/clients, business/payments, business/docuforms. Scopes can also have CRUD suffixes: payments_read, payments_create, payments_update, payments_delete. Currently not strictly enforced. For further details contact the support team.

scopes
demand_scopes
array of strings

[Internal use only] Minimum required OAuth scopes for this app. Uses same format as scopes field: openid, context-based (business/clients), or with CRUD suffixes (payments_read). Currently not strictly enforced. For further details contact the support team.

demand_scopes
string
enum
Defaults to opaque

Format of access tokens issued for this app. Determines whether tokens are opaque or JWT.

Allowed:
string

The client_auth_jwks_uri property lets you authenticate with our OAuth service using JWT signed tokens instead of a client_secret. In the OAuth token request, the service will choose the correct authentication method based on the provided parameters. To use client authentication with Private Key JWT, this property must be set. The URI should return a JSON Web Key Set containing your public keys. The service will retrieve this JWKS and use the keys to verify the JWT you provide.

boolean

Indicator for communication app if it enables direct, sessionless messaging without requiring pre-established channel sessions.

Response

Updated 3 months ago

Language
Credentials
Bearer
JWT
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated 3 months ago