Skip to main content
POST
/
v2
/
authentication
/
foreign
Register Foreign App (deprecated)
curl --request POST \
  --url https://api.jtl-cloud.com/erp/v2/authentication/foreign \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --header 'x-appid: <x-appid>' \
  --header 'x-appversion: <x-appversion>' \
  --header 'x-challengecode: <x-challengecode>' \
  --header 'x-tenant-id: <x-tenant-id>' \
  --data '
{
  "appId": "<string>",
  "displayName": "<string>",
  "description": "<string>",
  "localizedDisplayNames": [
    {
      "languageIso": "<string>",
      "name": "<string>"
    }
  ],
  "localizedDescriptions": [
    {
      "languageIso": "<string>",
      "name": "<string>"
    }
  ],
  "version": "<string>",
  "providerName": "<string>",
  "providerWebsite": "<string>",
  "mandatoryApiScopes": [
    "<string>"
  ],
  "optionalApiScopes": [
    "<string>"
  ],
  "appIcon": "aSDinaTvuI8gbWludGxpZnk=",
  "signature": "aSDinaTvuI8gbWludGxpZnk=",
  "signatureData": "2023-11-07T05:31:56Z"
}
'
{
  "requestStatusInfo": {
    "appId": "<string>",
    "registrationRequestId": "<string>"
  },
  "token": {
    "apiKey": "<string>"
  },
  "grantedScopes": [
    "<string>"
  ]
}

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

x-api-key
string
header
required

Optional: If no token is present, the API Gateway injects it.

Headers

x-appid
string
required

This is the name of your application, e.g. "MyApp/1.0.0". It is used to identify your application.

x-appversion
string
required

This is where the version number of your application is entered, e.g. "1.0.0".

x-runas
string

The User-Id (int or uuid) on whose behalf the request is executed. Requires scope 'Application.RunAs'.

X-SessionId
string<uuid>

The id of a session in which the call will be executed.

x-companyid
string

The Company-Id (int or uuid) of the company on whose behalf the request is executed.

x-challengecode
string
required

You can enter any custom value here. The X-ChallengeCode is used during app registration and must be the same for all registration requests. The maximum length is 30 characters.

x-tenant-id
string<uuid>
required

The tenant ID for the target ERP instance.

Body

application/json

Wird angenommen, aber nicht verarbeitet.

Model Class: CreateAppRegistrationRequest

appId
string

Unique identifier of the application

displayName
string

Default display name of the application

description
string

Default description of the application

localizedDisplayNames
object[]

Localized display names of the application

localizedDescriptions
object[]

Localized descriptions of the application

version
string

Version of the application to be registered

providerName
string

Name of the application's provider

providerWebsite
string

Website of the application's provider

mandatoryApiScopes
string[]

Mandatory required API scopes for the application to work

optionalApiScopes
string[]

Optional (recommended) API scopes for the application

appIcon
string<byte>

Base64 encoded data of an image.

registrationType
enum<integer>

multiple instances of the application possible

Available options:
0,
1,
2,
3
signature
string<byte>

The Signature of the App, it combines AppId.SignatureData like myApp/v1.2025-08-03T25:48:00 in UTC Time

signatureData
string<date-time>

The Data as DateTimeOffset must be in a range from 10 Minutes equals, and is base for the Signature and must be in UTC Time

Response

201 - application/json

Neutral success response — die Anfrage wird angenommen, aber nicht ausgeführt.

Model Class: RegistrationInformation

requestStatusInfo
object

Status of the registration process (including the unique identifiers for application and registration request)

token
object

Generated token for the application to access the API

grantedScopes
string[]

API scopes (both mandatory and optional) granted to the application