> ## Documentation Index > Fetch the complete documentation index at: https://stytch.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create Connected App > Creates a new Connected App. If the Connected App `client_type` is `first_party` or `third_party` a `client_secret` is returned. **Important:** This is the only time you will be able to view the generated `client_secret` in the API response. Stytch stores a hash of the `client_secret` and cannot recover the value if lost. Be sure to persist the `client_secret` in a secure location. If the `client_secret` is lost, you will need to trigger a secret rotation flow to receive another one. If the Connected App `client_type` is `first_party` or `third_party` (i.e. a confidential client), a `client_secret` is returned. This is the only time you will be able to view the generated `client_secret` in the API response. Stytch stores a hash of the `client_secret` and cannot recover the value if lost. Be sure to persist the `client_secret` in a secure location. If the `client_secret` is lost, you will need to trigger a secret rotation flow to receive another one. ## OpenAPI ````yaml POST /v1/connected_apps/clients openapi: 3.0.3 info: title: Stytch API description: The Stytch API provides endpoints for authentication and user management. version: 2.0.0 contact: name: Stytch Support url: https://stytch.com/docs email: support@stytch.com servers: - url: https://api.stytch.com description: Production server - url: https://test.stytch.com description: Test server security: - basicAuth: [] paths: /v1/connected_apps/clients: post: tags: - Connected Apps summary: Create description: >- Creates a new Connected App. If the Connected App `client_type` is `first_party` or `third_party` a `client_secret` is returned. **Important:** This is the only time you will be able to view the generated `client_secret` in the API response. Stytch stores a hash of the `client_secret` and cannot recover the value if lost. Be sure to persist the `client_secret` in a secure location. If the `client_secret` is lost, you will need to trigger a secret rotation flow to receive another one. operationId: api_connectedapps_v1_connected_apps_clients_Create requestBody: required: true content: application/json: schema: $ref: >- #/components/schemas/api_connectedapps_v1_connected_apps_clients_CreateRequest responses: '200': description: Successful response content: application/json: schema: $ref: >- #/components/schemas/api_connectedapps_v1_connected_apps_clients_CreateResponse '400': description: Bad request '401': description: Unauthorized content: application/json: example: status_code: 401 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: unauthorized_credentials error_message: Unauthorized credentials. error_url: https://stytch.com/docs/api/errors/401 '429': description: Too Many Requests content: application/json: example: status_code: 429 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: too_many_requests error_message: Too many requests have been made. error_url: https://stytch.com/docs/api/errors/429 '500': description: Internal server error content: application/json: example: status_code: 500 request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141 error_type: internal_server_error error_message: >- Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong. error_url: https://stytch.com/docs/api/errors/500 x-code-samples: - lang: csharp label: C# source: |- // POST /v1/connected_apps/clients const stytch = require('stytch'); const client = new stytch.B2BClient({ project_id: '${projectId}', secret: '${secret}', }); const params = { client_type: "first_party", client_name: "My Sample Client", client_description: "My sample client for testing out Connected Apps", redirect_urls: ["https://example.com/callback"], full_access_allowed: false, }; client.ConnectedApp.Clients.Create(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: go label: Go source: "// POST /v1/connected_apps/clients\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v17/stytch/b2b/b2bstytchapi\"\n\t\"github.com/stytchauth/stytch-go/v17/stytch/consumer/connectedapps/clients\"\n)\n\nfunc main() {\n\tclient, err := b2bstytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &clients.CreateParams{\n\t\tClientType: clients.CreateRequestClientTypeFirstParty,\n\t\tClientName: \"My Sample Client\",\n\t\tClientDescription: \"My sample client for testing out Connected Apps\",\n\t\tRedirectURLs: []string{\"https://example.com/callback\"},\n\t\tFullAccessAllowed: false,\n\t}\n\n\tresp, err := client.ConnectedApp.Clients.Create(context.Background(), params)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n" - lang: java label: Java source: >- // POST /v1/connected_apps/clients package com.example; import com.stytch.java.b2b.StytchB2BClient; import com.stytch.java.common.StytchResult; import com.stytch.java.consumer.models.connectedappsclients.CreateRequest; import com.stytch.java.consumer.models.connectedappsclients.CreateRequestClientType; public class Main { public static void main(String[] args) { StytchB2BClient.configure("${projectId}", "${secret}"); CreateRequest params = new CreateRequest(); params.setClientType(CreateRequestClientType.FIRST_PARTY); params.setClientName("My Sample Client"); params.setClientDescription("My sample client for testing out Connected Apps"); params.setRedirectURLs(new String("https://example.com/callback")); params.setFullAccessAllowed(false); Object result = StytchB2BClient.getConnectedApp().getClients().create(params); if (result instanceof StytchResult.Success) { System.out.println(((StytchResult.Success) result).getValue()); } else { System.out.println(((StytchResult.Error) result).getException()); } } } - lang: kotlin label: Kotlin source: > // POST /v1/connected_apps/clients package com.example import com.stytch.java.b2b.StytchB2BClient import com.stytch.java.consumer.models.connectedappsclients.CreateRequest import com.stytch.java.consumer.models.connectedappsclients.CreateRequestClientType fun main() { StytchB2BClient.configure( projectId = "${projectId}", secret = "${secret}", ) when ( val result = StytchB2BClient.connectedApp.clients.create( CreateRequest( clientType = CreateRequestClientType.FIRST_PARTY, clientName = "My Sample Client", clientDescription = "My sample client for testing out Connected Apps", redirectURLs = arrayOf("https://example.com/callback"), fullAccessAllowed = false, ), ) ) { is StytchResult.Success -> println(result.value) is StytchResult.Error -> println(result.exception) } } - lang: javascript label: Node.js source: |- // POST /v1/connected_apps/clients const stytch = require('stytch'); const client = new stytch.B2BClient({ project_id: '${projectId}', secret: '${secret}', }); const params = { client_type: "first_party", client_name: "My Sample Client", client_description: "My sample client for testing out Connected Apps", redirect_urls: ["https://example.com/callback"], full_access_allowed: false, }; client.connectedApp.clients.create(params) .then(resp => { console.log(resp) }) .catch(err => { console.log(err) }); - lang: php label: PHP source: |- $response = $client->connected_app->clients->create([ 'client_type' => 'first_party', 'client_name' => 'My Sample Client', 'client_description' => 'My sample client for testing out Connected Apps', 'redirect_urls' => ['https://example.com/callback'], 'full_access_allowed' => false, ]); - lang: python label: Python source: > # POST /v1/connected_apps/clients from stytch import B2BClient from stytch.consumer.models.connected_apps_clients import CreateRequestClientType client = B2BClient( project_id="${projectId}", secret="${secret}", ) resp = client.connected_app.clients.create( client_type=CreateRequestClientType.FIRST_PARTY, client_name="My Sample Client", client_description="My sample client for testing out Connected Apps", redirect_urls=["https://example.com/callback"], full_access_allowed=False, ) print(resp) - lang: ruby label: Ruby source: |- # POST /v1/connected_apps/clients require 'stytch' client = StytchB2B::Client.new( project_id: "${projectId}", secret: "${secret}" ) resp = client.connected_app.clients.create( client_type: "first_party", client_name: "My Sample Client", client_description: "My sample client for testing out Connected Apps", redirect_urls: ['https://example.com/callback'], full_access_allowed: false ) puts resp - lang: rust label: Rust source: >- // POST /v1/connected_apps/clients use stytch::b2b::client::Client; use stytch::consumer::connected_apps_clients::CreateRequestClientType; use stytch::consumer::connected_apps_clients::CreateRequest; fn main() { let client = Client::new("${projectId}", "${secret}").unwrap(); let resp = client.connected_app.clients.create( CreateRequest{ client_type: CreateRequestClientType::FIRST_PARTY, client_name: Some(String::from("My Sample Client")), client_description: Some(String::from("My sample client for testing out Connected Apps")), redirect_urls: vec!["https://example.com/callback"], full_access_allowed: false, ..Default::default() } ).await; println!("The response is {:?}", resp); } - lang: bash label: cURL source: |- # POST /v1/connected_apps/clients curl --request POST \ --url https://test.stytch.com/v1/connected_apps/clients \ -u '${projectId}:${secret}' \ -H 'Content-Type: application/json' \ -d '{ "client_type": "first_party", "client_name": "My Sample Client", "client_description": "My sample client for testing out Connected Apps", "redirect_urls": ["https://example.com/callback"], "full_access_allowed": false }' components: schemas: api_connectedapps_v1_connected_apps_clients_CreateRequest: type: object properties: client_type: $ref: '#/components/schemas/api_connectedapps_v1_CreateRequestClientType' description: >- The type of Connected App. Supported values are `first_party`, `first_party_public`, `third_party`, and `third_party_public`. client_name: type: string description: A human-readable name for the client. client_description: type: string description: A human-readable description for the client. redirect_urls: type: array items: type: string description: Array of redirect URI values for use in OAuth Authorization flows. full_access_allowed: type: boolean description: >- Valid for first party clients only. If `true`, an authorization token granted to this Client can be exchanged for a full Stytch session. access_token_expiry_minutes: type: integer format: int32 description: >- The number of minutes before the access token expires. The default is 60 minutes. access_token_custom_audience: type: string description: The custom audience for the access token. access_token_template_content: type: string description: >- The content of the access token custom claims template. The template must be a valid JSON object. post_logout_redirect_urls: type: array items: type: string description: Array of redirect URI values for use in OIDC Logout flows. logo_url: type: string description: The logo URL of the Connected App, if any. bypass_consent_for_offline_access: type: boolean description: >- Valid for first party clients only. If true, the client does not need to request explicit user consent for the `offline_access` scope. description: Request type required: - client_type api_connectedapps_v1_connected_apps_clients_CreateResponse: type: object properties: request_id: type: string description: >- Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. connected_app: $ref: >- #/components/schemas/api_connectedapps_v1_ConnectedAppWithClientSecret description: The Connected App created by this API call. status_code: type: integer format: int32 description: >- The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. required: - request_id - connected_app - status_code api_connectedapps_v1_CreateRequestClientType: type: string enum: - first_party - first_party_public - third_party - third_party_public api_connectedapps_v1_ConnectedAppWithClientSecret: type: object properties: client_id: type: string description: The ID of the Connected App client. client_name: type: string description: A human-readable name for the client. client_description: type: string description: A human-readable description for the client. status: type: string full_access_allowed: type: boolean description: >- Valid for first party clients only. If `true`, an authorization token granted to this Client can be exchanged for a full Stytch session. client_type: type: string description: >- The type of Connected App. Supported values are `first_party`, `first_party_public`, `third_party`, and `third_party_public`. redirect_urls: type: array items: type: string description: Array of redirect URI values for use in OAuth Authorization flows. access_token_expiry_minutes: type: integer format: int32 access_token_template_content: type: string post_logout_redirect_urls: type: array items: type: string description: Array of redirect URI values for use in OIDC Logout flows. bypass_consent_for_offline_access: type: boolean description: >- Valid for first party clients only. If true, the client does not need to request explicit user consent for the `offline_access` scope. client_secret_last_four: type: string description: The last four characters of the client secret. next_client_secret_last_four: type: string description: >- The last four characters of the `next_client_secret`. Null if no `next_client_secret` exists. client_secret: type: string description: >- The secret of the Connected App client. **Required for confidential clients** access_token_custom_audience: type: string logo_url: type: string description: The logo URL of the Connected App, if any. client_id_metadata_url: type: string required: - client_id - client_name - client_description - status - full_access_allowed - client_type - redirect_urls - access_token_expiry_minutes - access_token_template_content - post_logout_redirect_urls - bypass_consent_for_offline_access securitySchemes: basicAuth: type: http scheme: basic ````