UpdateApplication - Resource Access Management - Alibaba Cloud Documentation Center

Updates the configuration of a specified application.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

ram:UpdateApplication

update

*Application

acs:ram::{#accountId}:application/{#AppName}

None

Request parameters

Parameter	Type	Required	Description	Example
AppId	string	Yes	The application ID.	472457090344041****
NewDisplayName	string	No	The new display name.	NewApp
NewRedirectUris	string	No	The webhook address. If you enter multiple webhook addresses, separate them with semicolons (;).	https://www.example.com
NewPredefinedScopes	string	No	The permission scopes of the application. For more information about the valid values and descriptions of permission scopes, see OAuth scopes. You can also call the ListPredefinedScopes operation to obtain the permission scopes that are supported by different types of applications. If you enter multiple permission scopes, separate them with semicolons (;). The new permission scopes overwrite the original ones. For example, if the original permission scope is `/acs/ccc` and you set the new permission scope to `/acs/alidns`, the permission scope that takes effect is `/acs/alidns`. If you want to add `/acs/alidns` to the original scope, set the new permission scope to `/acs/ccc;/acs/alidns`.	openid
NewRequiredScopes	string	No	The required permission scopes of the application. You can set one or more scopes specified in `RequiredScopes` as required. After a scope is set as required, it is selected by default and cannot be deselected when a user grants permissions to the application. If you also specify `NewPredefinedScopes`, the list of application scopes is reset by `NewPredefinedScopes` first. Then, this parameter is used to configure whether the scopes are required. If you enter multiple permission scopes, separate them with semicolons (;). The new required scopes overwrite the original ones. Note If a scope that you specify for `RequiredScopes` is not within the range of `PredefinedScopes`, the required setting for that scope does not take effect.	profile;aliuid
NewSecretRequired	boolean	No	Indicates whether an application key is required. Valid values: true false Note For applications of the WebApp and ServerApp types, this parameter is forcibly set to true and cannot be modified. For applications of the NativeApp type, you can set this parameter to true or false. The default value is false. These applications often run in untrusted environments and cannot effectively protect application keys. Do not set this parameter to true unless necessary. For more information, see Log on to Alibaba Cloud using a native application.	true
NewAccessTokenValidity	integer	No	The validity period of the access token. Valid values: 900 to 10800. Unit: seconds.	3600
NewRefreshTokenValidity	integer	No	The validity period of the refresh token. Valid values: 7200 to 31536000. Unit: seconds.	7776000
NewIsMultiTenant	boolean	No	Indicates whether the application can be installed by other Alibaba Cloud accounts. Valid values: true: The application can be installed. false: The application cannot be installed.	true

Response elements

Element	Type	Description	Example
	object	The returned results.
RequestId	string	The request ID.	6616F09B-2768-4C11-8866-A8EE4C4A583E
Application	object	The application information.
DisplayName	string	The display name of the application.	NewApp
AccessTokenValidity	integer	The validity period of the access token. Unit: seconds.	3600
SecretRequired	boolean	Indicates whether an application key is required.	true
AccountId	string	The ID of the Alibaba Cloud account to which the application belongs.	177242285274****
CreateDate	string	The time when the application was created.	2020-10-23T08:06:57Z
AppName	string	The application name.	myapp
RedirectUris	object
RedirectUri	array	The webhook address.
	string	The webhook address.	https://www.example.com
UpdateDate	string	The time when the application was updated.	2020-10-23T08:06:57Z
DelegatedScope	object	The information about the permission scopes of the application.
PredefinedScopes	object
PredefinedScope	array<object>	The information about the permission scopes of the application.
	object	The information about the permission scopes of the application.
Description	string	The description of the scope.	Obtain the OpenID of the user. This is the default permission that you cannot remove.
Name	string	The name of the scope.	openid
Required	boolean	Indicates whether this permission scope is required by default when the application is installed. Valid values: true: required. false: not required. The `openid` scope is required by default.	true
AppId	string	The application ID.	472457090344041****
RefreshTokenValidity	integer	The validity period of the refresh token. Unit: seconds.	7776000
IsMultiTenant	boolean	Indicates whether the application can be installed by other Alibaba Cloud accounts.	true
AppType	string	The application type.	WebApp
ProtocolVersion	string	The OAuth protocol version of the application. Valid values: `2.0`: OAuth 2.0. `2.1`: OAuth 2.1.	2.0

Examples

Success response

JSON format

{
  "RequestId": "6616F09B-2768-4C11-8866-A8EE4C4A583E",
  "Application": {
    "DisplayName": "NewApp",
    "AccessTokenValidity": 3600,
    "SecretRequired": true,
    "AccountId": "177242285274****",
    "CreateDate": "2020-10-23T08:06:57Z",
    "AppName": "myapp",
    "RedirectUris": {
      "RedirectUri": [
        "https://www.example.com"
      ]
    },
    "UpdateDate": "2020-10-23T08:06:57Z",
    "DelegatedScope": {
      "PredefinedScopes": {
        "PredefinedScope": [
          {
            "Description": "Obtain the OpenID of the user. This is the default permission that you cannot remove.",
            "Name": "openid",
            "Required": true
          }
        ]
      }
    },
    "AppId": "472457090344041****",
    "RefreshTokenValidity": 7776000,
    "IsMultiTenant": true,
    "AppType": "WebApp",
    "ProtocolVersion": "2.0"
  }
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.