App properties
Here's a brief explanation of each of the app properties you'll see when registering and customizing your app. We've listed them in alphabetical order.
Allowlist domains
An allowlist of CORS domains. You may use an asterisk (*) as a wildcard for part of a domain.
Examples:
google.com
*.ngrok.io
App description
The description of the app. This text appears in My apps, so that you may describe the app's intended function.
Example:
My Awesome App does a, b, and c. It does not do x, y or z.
App name
The name of your app. The App name appears in the following locations:
- Your company's integrations.
- Integrations.
- On the Mural user consent screen and within error messaging.
Example:
My Awesome App
Connect link
The URL of the setup instructions for the app. This is a reliable link used to take users to the app homepage. It is used when:
- The user clicks the app card on Integrations.
- The user clicks the "Go Back to {clientName}" button at the bottom of error message screens, such as if OAuth fails.
Example:
https://myawesomeapp.com
Learn more link
The URL of your app's documentation or home page. It is displayed on the unlisted details page, to give admins broader context of app usage.
Example:
https://myawesomeapp.com/docs/
Permission scopes
An allowlist of scopes that the app may access. If the app attempts to access scopes outside this allowlist (during OAuth flow initialization), the default "Uh-oh page" is displayed.
Changing an app's permission scopes after an app is installed can affect the user experience. See Making changes to scopes for more information.
Examples:
rooms:read
workspaces:read
murals:write
Promotional image
The URL of an image, used as the app logo. It is displayed on My apps, the consent screen, and on Integrations. If the URL is not valid, a warning icon is displayed in place of the image in My apps and a default browser broken image on the consent screen and Integrations.
Example:
https://myawesomeapp.com/logo.png
Summary
A short and catchy description of your app that shows on the Integrations page. Think of your summary as an elevator pitch about your app. This description shows up on the Integrations catalog card with the Connect link.
Redirect URLs
An allowlist of all redirect URLs accepted for completing the OAuth flow. If the redirect URL is not in this list, the error message text is displayed when initializing the OAuth flow.
If you're testing the API through Postman, a common redirect URL is https://oauth.pstmn.io/v1/callback
.
Examples:
https://myawesomeapp.com/oauth2/callback
https://testing.myawesomeapp.com/oauth/callback
Reject URL
The URL of a page to display for the following errors:
- The requested scopes are empty. This indicates an issue with OAuth flow.
- The company that the user belongs to does not allow this application for their users. This indicates a configuration issue on the company side.
Example:
https://myawesomeapp.com/oops
The single reject URL is used for all error types listed above. If not defined, the default "Uh-oh page" is used:
Updated almost 2 years ago