Connected Apps

Connected Apps contain app-specific information, such as URLs for your app server, that are used by Auth Providers to complete logins and signups.

You may have multiple Connected Apps per Realm. This is often useful when you have multiple apps (or multiple sub-apps that all belong to a larger app) using AuthRocket in an SSO scenario.

Connected Apps were formerly called Login Policies, which is the reason for legacy references to login_policy (policies) below. Despite the legacy naming, thinking about them using the current terminology will be helpful in understanding.

Fields

FieldValueReq/DefaultNotes
id id Auto-generated

App’s ID. Always starts with “lpl_”. Example: lpl_USkZSudITtpKPqQcyxU84

name string Required
realm_id realm_id Required ID of Realm this App belongs to.
subdomain string Optional Unique subdomain. Auto-generated if not provided. Becomes subdomain.region.loginrocket.com.
domains string Auto-generated Array of domains for logins for this app.
header string Optional HTML header for hosted login page.
footer string Optional HTML footer for hosted login page.
external_css url Optional URL of stylesheet for hosted login page.
login_handler url Required

URL of your app where it processes new logins coming from LoginRocket.

signup_handler url Optional

URL of your app where it processes new signup tokens coming from LoginRocket. Uses login_handler if not present.

redirect_uris url Optional

Array of URLs for use with ?redirect_uri= param.

request hash

Hash of request attributes to add to Event. See notes.

Permissions

MethodPermissions
List, Get read
Create, Update, Delete admin_realm

List connected apps

List all connected apps in the current realm.

Parameters

ParamValueDefault
after policy_id ID of the last connected app you've seen
max_results integer 100 Range: 1-100
sort id,
name
name
direction asc,
desc
asc

Request

Example
GET /v1/login_policies
AuthRocket::LoginPolicy.all realm_id: 'rl_0v1zTHXhtNgmDaXaDYSAqx'

Response

Example

Status: 200

{ "more_results" : false,
  "collection" : [
    { "domains" : ["acmeapp.e1.loginrocket.com"],
      "id" : "lpl_0v1zVlBN75jzposHJJuDPv",
      "name" : "AcmeApp SSO",
      "realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
      "subdomain" : "acmeapp",
      "object" : "login_policy"
    }
  ]
}
[#<AuthRocket::LoginPolicy:0x3fc21aab662c>
  id: "lpl_0v2FcFcZnv8qpG1XWoyN9P",
  attribs: {
    "domains"=>["acmeapp.e1.loginrocket.com"],
    "name"=>"Acme App+ SSO",
    "realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
    "subdomain"=>"acmeapp",
    "object"=>"login_policy"
  },
  metadata: {
    "more_results"=>false
  }
]

Get a connected app

Retrieve a specific connected app within the current realm.

Request

Example
GET /v1/login_policies/:policy_id
AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'

Response

Example

Status: 200

{ "domains" : ["acmeapp.e1.loginrocket.com"],
  "id" : "lpl_0v1zVlBN75jzposHJJuDPv",
  "name" : "AcmeApp SSO",
  "realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx",
  "subdomain" : "acmeapp",
  "object" : "login_policy",
  "header" : null,
  "footer" : null,
  "external_css" : null,
  "login_handler" : "https://example.com/login",
  "signup_handler" : "https://example.com/signup"
}
#<AuthRocket::LoginPolicy:0x3fc21aab662c>
  id: "lpl_0v2FcFcZnv8qpG1XWoyN9P",
  attribs: {
    "domains"=>["acmeapp.e1.loginrocket.com"],
    "name"=>"Acme App+ SSO",
    "realm_id"=>"rl_0v1zTHXhtNgmDaXaDYSAqx",
    "subdomain"=>"acmeapp",
    "object"=>"login_policy",
    "header"=>nil,
    "footer"=>nil,
    "external_css"=>nil,
    "login_handler"=>"https://example.com/login",
    "signup_handler"=>"https://example.com/signup"
  }

Create a connected app

Create a new connected app.

Request

Example
POST /v1/login_policies
{ "login_policy" :
  { "name" : "AcmeApp SSO",
    "login_handler" : "https://example.com/login",
    "realm_id" : "rl_0v1zTHXhtNgmDaXaDYSAqx"
  }
}
app = AuthRocket::LoginPolicy.create(
  name: "AcmeApp SSO",
  login_handler: "https://example.com/login",
  realm_id: "rl_0v1zTHXhtNgmDaXaDYSAqx"
)

Response

Example

Status: 201, with same body as Get a Connected App.

On success, returns same object as Get a Connected App.

On failure, returns an object without an id, but with errors:

# => #<AuthRocket::LoginPolicy:0x3fde5fa18df8> id: nil, ...
app.errors?
# => true
app.valid?
# => false
app.errors
# => ["Name can't be blank"]

Events

Triggers a login_policy.created event.

Update a connected app

Update a connected app’s attributes. Only provided attributes are changed.

Request

Example
PUT /v1/login_policies/:policy_id
{ "login_policy" :
  { "name" : "Acme App+ SSO"
  }
}
app=AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'
app.save name: 'Widgets, Inc.'

Response

Example

Status: 200, with same body as Get a Connected App.

On success, returns same object as Get a Connected App.

On failure, returns false:

# => false
app.errors
# => ["Name can't be blank"]

Events

Triggers a login_policy.updated event.

Delete a connected app

Deletes a connected app and associated domains.

Request

Example
DELETE /v1/login_policies/:policy_id
app=AuthRocket::LoginPolicy.find 'lpl_0v2FcFcZnv8qpG1XWoyN9P'
app.delete

Response

Example

Status: 204

On success, returns original object.

On failure, returns false.

Events

Triggers a login_policy.deleted event.

Questions? Find a Typo? Get in touch.