See api-docs Menu

List Apps

Use this API to return a list of all Apps in a OneLogin account.

Resource URL


Header Parameters




Set to bearer <access_token>.

Set <access_token> to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: Manage All, Read All.

Query Parameters

Standard pagination is supported. Max page limit is 1000. See Pagination for detail on how this works.



The name or partial name of the app to search for. When using a partial name you must append a wildcard `*`

e.g. GET /apps?name=workday*



Returns all apps based off a specific connector. See List Connectors for a complete list of Connector IDs.



Returns all apps based of a given type.

  • 0 - Password
  • 1 - OpenId
  • 2 - SAML
  • 3 - API
  • 4 - Google
  • 6 - Forms Based App
  • 7 - WSFED
  • 8 - OpenId Connect

Sample Responses

      "id": 1061937,
      "connector_id": 50534,
      "auth_method": 2,
      "auth_method_description": "SAML2.0",
      "name": "Amazon Web Services (AWS) Multi Role",
      "description": "",
      "updated_at": "2020-01-14T21:21:06Z",
      "created_at": "2020-01-14T21:21:06Z",
      "visible": true

Typically, this error means that your access token value is invalid.

    "message": "Unauthorized",
    "statusCode": 401,
    "name": "UnauthorizedError"

Indicates that the syntax of the request is good but a value supplied is not valid.

    "message": "invalid value in \"auth_method\"",
    "statusCode": 422,
    "name": "UnprocessableEntityError"

Response Elements

id Apps unique ID in OneLogin.
connector_id ID of the apps underlying connector.
name App name.
description Freeform description of the app.
notes Freeform notes about the app.
visible Indicates if the app is visible in the OneLogin portal.
auth_method An ID indicating the type of app. See above for possible values.
tab_id ID of the OneLogin portal tab that the app is assigned to.
created_at The date the app was created.
updated_at The date the app was last updated.
allow_assumed_signin Indicates whether or not administrators can access the app as a user that they have assumed control over.

Postman Collection

Run In Postman

    Clicking Run in Postman button navigates to the page where you can fork the collection to your workspace. Forking the collection into your workspace will enable you to contribute to the source collection using pull requests. You can also view the collection in a public workspace if you like and even import a copy of the collection using the links present on the screen.

Sample Code


Replace sample values indicated by < > with your actual values.

List Apps

curl 'https://<subdomain>/api/2/apps' \
-X GET \
-H "Authorization: bearer <access_token>"

Have a Question?

Found a problem or a bug? Submit a support ticket.

Looking for walkthroughs or how-to guides on OneLogin's user and admin features? Check out the documentation in our Knowledge Base.

Have a product idea or request? Share it with us in our Ideas Portal.