--- title: Create Application (SAML Protocol) description: The POST {{apiPath}}/v1/environments/{{envID}}/applications operation adds a new application resource to the specified environment. If you set the protocol attribute to SAML, you must provide values for the following SAML settings: component: pingone-api page_id: pingone-api:platform:applications/applications-1/create-application-saml-protocol canonical_url: https://developer.pingidentity.com/pingone-api/platform/applications/applications-1/create-application-saml-protocol.html section_ids: prerequisites: Prerequisites headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Create Application (SAML Protocol) ## ```none POST {{apiPath}}/v1/environments/{{envID}}/applications ``` The `POST {{apiPath}}/v1/environments/{{envID}}/applications` operation adds a new application resource to the specified environment. If you set the `protocol` attribute to `SAML`, you must provide values for the following SAML settings: * `spEntityId` * `acsUrls` * `assertionDuration` ### Prerequisites * Refer to [Application Operations](../applications-1.html) for important overview information. > **Collapse: Request Model** > > Refer to [Applications base data model](../applications-1.html#applications-base-data-model) for complete descriptions. > > **Base application data model (SAML application)** > > | Property | Required? | Type | > | ------------------------------- | --------- | ------- | > | `assignActorRoles` | Optional | Boolean | > | `accessControl.role.type` | Optional | String | > | `accessControl.group.type` | Optional | String | > | `accessControl.group.groups` | Optional | Array | > | `accessControl.group.groups.id` | Optional | UUID | > | `description` | Optional | String | > | `enabled` | Required | Boolean | > | `homePageUrl` | Optional | URL | > | `loginPageUrl` | Optional | URL | > | `icon.id` | Optional | UUID | > | `icon.href` | Optional | URL | > | `name` | Required | String | > | `protocol` | Required | String | > | `tags` | Optional | Array | > | `type` | Required | String | > > **Additional SAML settings** > > Refer to [Applications SAML settings data model](../applications-1.html#applications-saml-settings-data-model) for complete descriptions. > > | Property | Required? | Type | > | ----------------------------------- | --------- | ------- | > | `acsUrls` | Required | URL | > | `assertionDuration` | Required | Integer | > | `assertionSigned` | Optional | Boolean | > | `defaultTargetUrl` | Optional | URL | > | `idpSigning.key.algorithm` | Optional | String | > | `nameIdFormat` | Optional | String | > | `responseSigned` | Optional | Boolean | > | `sloBinding` | Optional | String | > | `sloEndpoint` | Optional | URL | > | `sloResponseEndpoint` | Optional | URL | > | `spEncryption.algorithm` | Optional | String | > | `spEncryption.certificates.id` | Optional | UUID | > | `spEntityID` | Required | String | > | `spVerification.authnRequestSigned` | Optional | Boolean | > | `spVerification.certificates.id` | Optional | UUID | ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/json ### Body raw ( application/json ) ```json { "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/applications' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/applications") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""name"": ""app_{{$timestamp}}""," + "\n" + @" ""description"": ""this is my application""," + "\n" + @" ""enabled"": true," + "\n" + @" ""loginPageUrl"": ""https://example.com""," + "\n" + @" ""type"": ""WEB_APP""," + "\n" + @" ""protocol"": ""SAML""," + "\n" + @" ""icon"": {" + "\n" + @" ""id"": ""{{iconID}}""," + "\n" + @" ""href"": ""https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg""" + "\n" + @" }," + "\n" + @" ""assertionDuration"": 60," + "\n" + @" ""acsUrls"": [" + "\n" + @" ""https://example.com""" + "\n" + @" ]," + "\n" + @" ""sloResponseEndpoint"": ""https://example.com""," + "\n" + @" ""spEntityId"": ""test""," + "\n" + @" ""nameIdFormat"": ""urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress""" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/applications" method := "POST" payload := strings.NewReader(`{ "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /v1/environments/{{envID}}/applications HTTP/1.1 Host: {{apiPath}} Content-Type: application/json Authorization: Bearer {{accessToken}} { "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/json"); RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"app_{{$timestamp}}\",\n \"description\": \"this is my application\",\n \"enabled\": true,\n \"loginPageUrl\": \"https://example.com\",\n \"type\": \"WEB_APP\",\n \"protocol\": \"SAML\",\n \"icon\": {\n \"id\": \"{{iconID}}\",\n \"href\": \"https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg\"\n },\n \"assertionDuration\": 60,\n \"acsUrls\": [\n \"https://example.com\"\n ],\n \"sloResponseEndpoint\": \"https://example.com\",\n \"spEntityId\": \"test\",\n \"nameIdFormat\": \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\"\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/applications") .method("POST", body) .addHeader("Content-Type", "application/json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/applications", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{apiPath}}/v1/environments/{{envID}}/applications', 'headers': { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/applications" payload = json.dumps({ "name": "app_{{$timestamp}}", "description": "this is my application", "enabled": True, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }) headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/applications'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "name": "app_{{$timestamp}}",\n "description": "this is my application",\n "enabled": true,\n "loginPageUrl": "https://example.com",\n "type": "WEB_APP",\n "protocol": "SAML",\n "icon": {\n "id": "{{iconID}}",\n "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg"\n },\n "assertionDuration": 60,\n "acsUrls": [\n "https://example.com"\n ],\n "sloResponseEndpoint": "https://example.com",\n "spEntityId": "test",\n "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/applications") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "name": "app_{{\$timestamp}}", "description": "this is my application", "enabled": true, "loginPageUrl": "https://example.com", "type": "WEB_APP", "protocol": "SAML", "icon": { "id": "{{iconID}}", "href": "https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg" }, "assertionDuration": 60, "acsUrls": [ "https://example.com" ], "sloResponseEndpoint": "https://example.com", "spEntityId": "test", "nameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"name\": \"app_{{$timestamp}}\",\n \"description\": \"this is my application\",\n \"enabled\": true,\n \"loginPageUrl\": \"https://example.com\",\n \"type\": \"WEB_APP\",\n \"protocol\": \"SAML\",\n \"icon\": {\n \"id\": \"{{iconID}}\",\n \"href\": \"https://upload.wikimedia.org/wikipedia/commons/a/a8/Baby_Jake.jpg\"\n },\n \"assertionDuration\": 60,\n \"acsUrls\": [\n \"https://example.com\"\n ],\n \"sloResponseEndpoint\": \"https://example.com\",\n \"spEntityId\": \"test\",\n \"nameIdFormat\": \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\"\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/applications")!,timeoutInterval: Double.infinity) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 201 Created ```json { "_links": { "self": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/37c7a13a-bfb4-4eff-9f4c-d7812d642714" }, "environment": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "attributes": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/37c7a13a-bfb4-4eff-9f4c-d7812d642714/attributes" } }, "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "id": "37c7a13a-bfb4-4eff-9f4c-d7812d642714", "name": "app_1555021123", "description": "this is my application", "enabled": true, "type": "WEB_APP", "protocol": "SAML", "createdAt": "2019-04-11T22:18:43.313Z", "updatedAt": "2019-04-11T22:18:43.313Z", "spEntityId": "test", "sloEndpoint": "https://example.com/slo", "sloResponseEndpoint": "https://example.com", "responseSigned": true, "sloBinding": "HTTP_POST", "acsUrls": [ "https://example.com" ], "assertionDuration": 60, "assertionSigned": true, "idpSigning": { "key": { "id": "{keyID}" } }, "spVerification": { "cert": { "id": "{certID}" } } } ```