From 6d7de55a454d70005fef1f125c9c9e684e4b0dd8 Mon Sep 17 00:00:00 2001 From: Diana <75819066+cloudjumpercat@users.noreply.github.com> Date: Thu, 16 Apr 2026 14:52:06 -0500 Subject: [PATCH 1/4] Draft docs Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --- app/_includes/dev-portal/create-app-api.md | 44 ++++++++++++++++++ app/_includes/dev-portal/create-dev-api.md | 45 +++++++++++++++++++ .../dev-portal/self-service.yaml | 22 +++++++++ 3 files changed, 111 insertions(+) create mode 100644 app/_includes/dev-portal/create-app-api.md create mode 100644 app/_includes/dev-portal/create-dev-api.md diff --git a/app/_includes/dev-portal/create-app-api.md b/app/_includes/dev-portal/create-app-api.md new file mode 100644 index 0000000000..c304cdf12e --- /dev/null +++ b/app/_includes/dev-portal/create-app-api.md @@ -0,0 +1,44 @@ +You can pre-create applications and application registrations on behalf of a developer or team using the {{site.konnect_short_name}} API. + +1. Create a developer application by sending a `POST` request to the `/portals/{portalId}/applications` endpoint: +{% capture create-application %} + +{% konnect_api_request %} +url: /v3/portals/$DEV_PORTAL_ID/applications +method: POST +status_code: 201 +body: + name: "KongAir Application" + description: "A portal application provisioned for a developer by a Portal Admin." + auth_strategy_id: "$AUTH_STRATEGY_ID" + owner: + id: "$DEVELOPER_ID" + type: "developer" +{% endkonnect_api_request %} + +{% endcapture %} +{{create-application | indent: 3}} + +1. Copy and export the application ID: + ```sh + export APPLICATION_ID='YOUR APPLICATION ID' + ``` + +1. Create an application registration by sending a `POST` request to the `/portals/{portalId}/applications/{applicationId}/registrations` endpoint: +{% capture create-application-registration %} + +{% konnect_api_request %} +url: /v3/portals/$DEV_PORTAL_ID/applications/$APPLICATION_ID/registrations +method: POST +status_code: 201 +body: + api_id: "$API_ID" + status: "approved" +{% endkonnect_api_request %} + +{% endcapture %} +{{create-application-registration | indent: 3}} + + {:.warning} + > **DCR applications:** + > If the application will be using a DCR provider with the given auth strategy, the request must specify `dcr_client_id`. diff --git a/app/_includes/dev-portal/create-dev-api.md b/app/_includes/dev-portal/create-dev-api.md new file mode 100644 index 0000000000..bf66fcd472 --- /dev/null +++ b/app/_includes/dev-portal/create-dev-api.md @@ -0,0 +1,45 @@ +You can pre-create developer accounts to provision their team association and API access before they access the {{site.dev_portal}}. + +1. To automatically create developers and send them an email to create a password, send a `POST` request to the ` /portals/{portalId}/developers` endpoint: +{% capture create-dev %} + +{% konnect_api_request %} +url: /v3/portals/$DEV_PORTAL_ID/developers +method: POST +status_code: 201 +body: + full_name: "Raina Sovani" + email: "raina.sovani@example.com" + status: "approved" + send_notification_email: true +{% endkonnect_api_request %} + +{% endcapture %} +{{create-dev | indent: 3}} + +1. Copy and export the developer ID: + ```sh + export DEVELOPER_ID='YOUR DEVELOPER ID' + ``` + +1. Add the developer to an existing team that has the correct roles for the APIs they need access to by sending a `POST` request to the [`/portals/{portalId}/teams/{teamId}/developers` endpoint](/api/konnect/portal-management/v3/#/operations/add-developer-to-portal-team): +{% capture add-dev-to-team %} + +{% konnect_api_request %} +url: /v3/portals/$DEV_PORTAL_ID/teams/$TEAM_ID/developers +method: POST +status_code: 201 +body: + id: "$DEVELOPER_ID" +{% endkonnect_api_request %} + +{% endcapture %} +{{add-dev-to-team | indent: 3}} + +{:.warning} +> **Logging in to {{site.dev_portal}}s:** +> * **SSO:** If a developer is created in a {{site.dev_portal}} with SSO configured, they must be able to use SSO to login if their email address is configured in the identity provider. +> After they log in, they will automatically approved. +> * **Basic auth:** If a developer is created in a {{site.dev_portal}} with basic auth configured, they must be able to set their password. This can be done one of two ways: +> * `send_notification_email: true`: Developers can use the link in the email to set their password. +> * `send_notification_email: true`: Developers can click **Forgot password** in the {{site.dev_portal}} UI to set a password. diff --git a/app/_landing_pages/dev-portal/self-service.yaml b/app/_landing_pages/dev-portal/self-service.yaml index 6477ab57b5..856c1309f9 100644 --- a/app/_landing_pages/dev-portal/self-service.yaml +++ b/app/_landing_pages/dev-portal/self-service.yaml @@ -9,6 +9,8 @@ metadata: - authentication breadcrumbs: - /dev-portal/ + works_on: + - konnect rows: @@ -191,6 +193,26 @@ rows: Applications and API keys are specific to a [geographic region](/konnect-platform/geos/). When you enable application registration by selecting an authentication strategy during publication, the resulting applications and API keys are tied to the developers and traffic in that region. + - columns: + - blocks: + - type: structured_text + config: + header: + text: "Automate developer creation" + blocks: + - type: text + text: | + {% include dev-portal/create-dev-api.md %} + + - blocks: + - type: structured_text + config: + header: + text: "Automate app creation" + blocks: + - type: text + text: | + {% include dev-portal/create-app-api.md %} - header: type: h3 text: "Share applications with a team" From 8021ab5441dd5dde6bb4c5cec4e57a9490575cfc Mon Sep 17 00:00:00 2001 From: Diana <75819066+cloudjumpercat@users.noreply.github.com> Date: Mon, 20 Apr 2026 14:43:13 -0500 Subject: [PATCH 2/4] Apply suggestions from code review Co-authored-by: Mike Swierenga --- app/_includes/dev-portal/create-dev-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/_includes/dev-portal/create-dev-api.md b/app/_includes/dev-portal/create-dev-api.md index bf66fcd472..c26cbea7b8 100644 --- a/app/_includes/dev-portal/create-dev-api.md +++ b/app/_includes/dev-portal/create-dev-api.md @@ -42,4 +42,4 @@ body: > After they log in, they will automatically approved. > * **Basic auth:** If a developer is created in a {{site.dev_portal}} with basic auth configured, they must be able to set their password. This can be done one of two ways: > * `send_notification_email: true`: Developers can use the link in the email to set their password. -> * `send_notification_email: true`: Developers can click **Forgot password** in the {{site.dev_portal}} UI to set a password. +> * Developers can click **Forgot password** in the {{site.dev_portal}} UI to set a password, regardless of whether `send_notification_email` is `true` or `false`, From c3a331147103a663c0aef35b17a94f815175a50f Mon Sep 17 00:00:00 2001 From: Diana <75819066+cloudjumpercat@users.noreply.github.com> Date: Mon, 20 Apr 2026 15:25:52 -0500 Subject: [PATCH 3/4] Apply feedback, add dcr use case note Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --- app/_includes/dev-portal/create-app-api.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/app/_includes/dev-portal/create-app-api.md b/app/_includes/dev-portal/create-app-api.md index c304cdf12e..41ffd4c2eb 100644 --- a/app/_includes/dev-portal/create-app-api.md +++ b/app/_includes/dev-portal/create-app-api.md @@ -1,4 +1,4 @@ -You can pre-create applications and application registrations on behalf of a developer or team using the {{site.konnect_short_name}} API. +You can automate applications and application registrations on behalf of a developer or team using the {{site.konnect_short_name}} API. 1. Create a developer application by sending a `POST` request to the `/portals/{portalId}/applications` endpoint: {% capture create-application %} @@ -18,6 +18,8 @@ body: {% endcapture %} {{create-application | indent: 3}} + + If the application is for a team, configure `type: team`. 1. Copy and export the application ID: ```sh @@ -41,4 +43,6 @@ body: {:.warning} > **DCR applications:** - > If the application will be using a DCR provider with the given auth strategy, the request must specify `dcr_client_id`. + > If the application will be using a DCR provider with the given auth strategy, your configuration depends on your use case: + > * You want to create a new DCR application, where the IdP client will be created in the identity provider and assigned a `client_id`. This will be set as the `client_id` of the application and can't be changed moving forward. **Do not** specify `dcr_client_id` or `client_id` in this case. `client_id` will be present in the response. + > * You want to create an application that is linked to an existing IdP client, but treated as if it was created via the DCR app creation process. This allows you to import existing IdP clients when onboarding your applications into {{site.konnect_short_name}}. In this case, you must specify `dcr_client_id` and `client_id` will be present in the response. From 4255f26ca38cec54c8097750d91a99ea87cd767e Mon Sep 17 00:00:00 2001 From: Diana <75819066+cloudjumpercat@users.noreply.github.com> Date: Mon, 20 Apr 2026 15:44:06 -0500 Subject: [PATCH 4/4] Changes from testing Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --- app/_includes/dev-portal/create-app-api.md | 1 + 1 file changed, 1 insertion(+) diff --git a/app/_includes/dev-portal/create-app-api.md b/app/_includes/dev-portal/create-app-api.md index 41ffd4c2eb..104cd2b9d3 100644 --- a/app/_includes/dev-portal/create-app-api.md +++ b/app/_includes/dev-portal/create-app-api.md @@ -1,4 +1,5 @@ You can automate applications and application registrations on behalf of a developer or team using the {{site.konnect_short_name}} API. +The [authentication strategy](/dev-portal/auth-strategies/) you want to use must be enabled on your {{site.dev_portal}} and your published API. 1. Create a developer application by sending a `POST` request to the `/portals/{portalId}/applications` endpoint: {% capture create-application %}