Skip to main content
PATCH
/
apps
/
{client_id}
curl -X PATCH \
  -H "Authorization: Bearer sk_workspace_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "New App Name",
    "redirectUris": ["https://app.example.com/callback"],
    "defaultSuccessRedirectUri": "https://app.example.com/success",
    "defaultFailureRedirectUri": "https://app.example.com/error"
  }' \
  "https://sandbox.api.hopae.com/connect/v1/apps/HqTRDIYH"

{
  "clientId": "HqTRDIYH",
  "clientSecret": "sh_app_...",
  "name": "New App Name",
  "redirectUris": ["https://app.example.com/callback"],
  "providers": {
    "passport": { "enabled": true },
    "smartid": { "enabled": true, "config": { "useManagedCredentials": false, "rpUUID": "d278d410-...", "rpName": "Example" } },
    "mitid": { "enabled": false }
  },
  "defaultWorkflowId": "wf_6ec9b183",
  "workflows": [
    {
      "workflowId": "wf_6ec9b183",
      "name": "Default",
      "entryNodeId": "nd_231bba48",
      "nodes": [
        { "id": "nd_231bba48", "type": "request", "next": "nd_8fa2291e" },
        { "id": "nd_8fa2291e", "type": "verification", "next": "nd_9ea348df", "config": { "channel": "oidc", "claims": ["name", "given_name", "family_name", "birthdate"], "mode": "pii" } },
        { "id": "nd_9ea348df", "type": "response" }
      ],
      "createdAt": "2026-03-27T08:22:51.272Z",
      "updatedAt": "2026-03-27T08:22:51.272Z"
    }
  ],
  "organizationId": "org_...",
  "webhookConfig": {
    "enabled": false,
    "retryAttempts": 3,
    "timeoutSeconds": 10,
    "events": []
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.hopae.com/llms.txt

Use this file to discover all available pages before exploring further.

Partially updates an app. All body fields are optional — supply only what you want to change.
Immutable fields: clientId and clientSecret cannot be changed via this endpoint. Attempts to include either field in the PATCH body will return 400 VALIDATION_INVALID_PARAMETER. To rotate the client secret, use POST /apps/{client_id}/rotate-client-secret.

Request

Authorization
string
required
Bearer <API_KEY> from Console > Developers > Workspace API Keys.
Content-Type
string
application/json

Path parameters

client_id
string
required
Client identifier of the app.

Request body

name
string
New display name for the app.
redirectUris
string[]
Replaces the full list of allowed OAuth redirect URIs. Pass an empty array to clear all URIs.
webhookConfig
object
Partial webhook configuration. Merges with the existing config — fields you omit are preserved.
defaultSuccessRedirectUri
string
URI users are redirected to after a successful verification when no redirect_uri was supplied at session start.
defaultFailureRedirectUri
string
URI users are redirected to after a failed or cancelled verification when no redirect_uri was supplied at session start.

Response

Returns the updated App object. 
curl -X PATCH \
  -H "Authorization: Bearer sk_workspace_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "New App Name",
    "redirectUris": ["https://app.example.com/callback"],
    "defaultSuccessRedirectUri": "https://app.example.com/success",
    "defaultFailureRedirectUri": "https://app.example.com/error"
  }' \
  "https://sandbox.api.hopae.com/connect/v1/apps/HqTRDIYH"

{
  "clientId": "HqTRDIYH",
  "clientSecret": "sh_app_...",
  "name": "New App Name",
  "redirectUris": ["https://app.example.com/callback"],
  "providers": {
    "passport": { "enabled": true },
    "smartid": { "enabled": true, "config": { "useManagedCredentials": false, "rpUUID": "d278d410-...", "rpName": "Example" } },
    "mitid": { "enabled": false }
  },
  "defaultWorkflowId": "wf_6ec9b183",
  "workflows": [
    {
      "workflowId": "wf_6ec9b183",
      "name": "Default",
      "entryNodeId": "nd_231bba48",
      "nodes": [
        { "id": "nd_231bba48", "type": "request", "next": "nd_8fa2291e" },
        { "id": "nd_8fa2291e", "type": "verification", "next": "nd_9ea348df", "config": { "channel": "oidc", "claims": ["name", "given_name", "family_name", "birthdate"], "mode": "pii" } },
        { "id": "nd_9ea348df", "type": "response" }
      ],
      "createdAt": "2026-03-27T08:22:51.272Z",
      "updatedAt": "2026-03-27T08:22:51.272Z"
    }
  ],
  "organizationId": "org_...",
  "webhookConfig": {
    "enabled": false,
    "retryAttempts": 3,
    "timeoutSeconds": 10,
    "events": []
  }
}
Only name (and related fields such as redirectUris, webhookConfig, and default redirect URIs) can be updated via PATCH. Sending clientId or clientSecret in the body returns 400 VALIDATION_INVALID_PARAMETER.