CreateAppAuthorization - AWS AppFabric


Creates an app authorization within an app bundle, which allows AppFabric to connect to an application.

Request Syntax

POST /appbundles/appBundleIdentifier/appauthorizations HTTP/1.1 Content-type: application/json { "app": "string", "authType": "string", "clientToken": "string", "credential": { ... }, "tags": [ { "key": "string", "value": "string" } ], "tenant": { "tenantDisplayName": "string", "tenantIdentifier": "string" } }

URI Request Parameters

The request uses the following URI parameters.


The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.

Length Constraints: Minimum length of 1. Maximum length of 1011.

Pattern: arn:.+$|^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}

Required: Yes

Request Body

The request accepts the following data in JSON format.


The name of the application.

Valid values are:



  • JIRA

  • M365


  • ZOOM


  • OKTA





Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Required: Yes


The authorization type for the app authorization.

Type: String

Valid Values: oauth2 | apiKey

Required: Yes


Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.

If you don't provide this value, then AWS generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an IdempotentParameterMismatch error.

Type: String

Pattern: [a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}

Required: No


Contains credentials for the application, such as an API key or OAuth2 client ID and secret.

Specify credentials that match the authorization type for your request. For example, if the authorization type for your request is OAuth2 (oauth2), then you should provide only the OAuth2 credentials.

Type: Credential object

Note: This object is a Union. Only one member of this object can be specified or returned.

Required: Yes


A map of the key-value pairs of the tag or tags to assign to the resource.

Type: Array of Tag objects

Array Members: Minimum number of 0 items. Maximum number of 50 items.

Required: No


Contains information about an application tenant, such as the application display name and identifier.

Type: Tenant object

Required: Yes

Response Syntax

HTTP/1.1 201 Content-type: application/json { "appAuthorization": { "app": "string", "appAuthorizationArn": "string", "appBundleArn": "string", "authType": "string", "authUrl": "string", "createdAt": "string", "persona": "string", "status": "string", "tenant": { "tenantDisplayName": "string", "tenantIdentifier": "string" }, "updatedAt": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 201 response.

The following data is returned in JSON format by the service.


Contains information about an app authorization.

Type: AppAuthorization object


For information about the errors that are common to all actions, see Common Errors.


You are not authorized to perform this operation.

HTTP Status Code: 403


The request has created a conflict. Check the request parameters and try again.

HTTP Status Code: 409


The request processing has failed because of an unknown error, exception, or failure with an internal server.

HTTP Status Code: 500


The specified resource does not exist.

HTTP Status Code: 404


The request exceeds a service quota.

HTTP Status Code: 402


The request rate exceeds the limit.

HTTP Status Code: 429


The request has invalid or missing parameters.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: