FusionAuth · Capability

FusionAuth API — Application

FusionAuth API — Application. 20 operations. Lead operation: Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id . Self-contained Naftiko capability covering one business surface.

FusionAuth API — Application is a Naftiko capability published by FusionAuth, one of 33 capabilities the APIs.io network indexes for this provider. It bundles 20 operations across the POST, GET, DELETE, PATCH, and PUT methods rooted at /v1/api/application.

The capability includes 4 read-only operations and 16 state-changing operations. Lead operation: Creates an application. Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.

Tagged areas include FusionAuth and Application.

Run with Naftiko FusionAuthApplication

What You Can Do

POST
Createapplication — Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
/v1/api/application
GET
Retrieveapplication — Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id
/v1/api/application
POST
Searchapplicationswithid — Searches applications with the specified criteria and pagination.
/v1/api/application/search
POST
Createapplicationwithid — Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
/v1/api/application/{applicationId}
DELETE
Deleteapplicationwithid — Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, a
/v1/api/application/{applicationId}
PATCH
Patchapplicationwithid — Updates, via PATCH, the application with the given Id.
/v1/api/application/{applicationId}
PUT
Updateapplicationwithid — Updates the application with the given Id. OR Reactivates the application with the given Id.
/v1/api/application/{applicationId}
GET
Retrieveapplicationwithid — Retrieves the application for the given Id or all the applications if the Id is null.
/v1/api/application/{applicationId}
GET
Retrieveoauthconfigurationwithid — Retrieves the Oauth2 configuration for the application for the given Application Id.
/v1/api/application/{applicationId}/oauth-configuration
POST
Createapplicationrole — Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify
/v1/api/application/{applicationId}/role
POST
Createapplicationrolewithid — Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify
/v1/api/application/{applicationId}/role/{roleId}
DELETE
Deleteapplicationrolewithid — Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the g
/v1/api/application/{applicationId}/role/{roleId}
PATCH
Patchapplicationrolewithid — Updates, via PATCH, the application role with the given Id for the application.
/v1/api/application/{applicationId}/role/{roleId}
PUT
Updateapplicationrolewithid — Updates the application role with the given Id for the application.
/v1/api/application/{applicationId}/role/{roleId}
POST
Createoauthscope — Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
/v1/api/application/{applicationId}/scope
POST
Createoauthscopewithid — Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
/v1/api/application/{applicationId}/scope/{scopeId}
DELETE
Deleteoauthscopewithid — Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's
/v1/api/application/{applicationId}/scope/{scopeId}
PATCH
Patchoauthscopewithid — Updates, via PATCH, the custom OAuth scope with the given Id for the application.
/v1/api/application/{applicationId}/scope/{scopeId}
GET
Retrieveoauthscopewithid — Retrieves a custom OAuth scope.
/v1/api/application/{applicationId}/scope/{scopeId}
PUT
Updateoauthscopewithid — Updates the OAuth scope with the given Id for the application.
/v1/api/application/{applicationId}/scope/{scopeId}

MCP Tools

fusionauth-createapplication

Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.

fusionauth-retrieveapplication

Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id

read-only idempotent
fusionauth-searchapplicationswithid

Searches applications with the specified criteria and pagination.

fusionauth-createapplicationwithid

Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.

fusionauth-deleteapplicationwithid

Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, a

idempotent
fusionauth-patchapplicationwithid

Updates, via PATCH, the application with the given Id.

fusionauth-updateapplicationwithid

Updates the application with the given Id. OR Reactivates the application with the given Id.

idempotent
fusionauth-retrieveapplicationwithid

Retrieves the application for the given Id or all the applications if the Id is null.

read-only idempotent
fusionauth-retrieveoauthconfigurationwithid

Retrieves the Oauth2 configuration for the application for the given Application Id.

read-only idempotent
fusionauth-createapplicationrole

Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify

fusionauth-createapplicationrolewithid

Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify

fusionauth-deleteapplicationrolewithid

Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the g

idempotent
fusionauth-patchapplicationrolewithid

Updates, via PATCH, the application role with the given Id for the application.

fusionauth-updateapplicationrolewithid

Updates the application role with the given Id for the application.

idempotent
fusionauth-createoauthscope

Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti

fusionauth-createoauthscopewithid

Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti

fusionauth-deleteoauthscopewithid

Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's

idempotent
fusionauth-patchoauthscopewithid

Updates, via PATCH, the custom OAuth scope with the given Id for the application.

fusionauth-retrieveoauthscopewithid

Retrieves a custom OAuth scope.

read-only idempotent
fusionauth-updateoauthscopewithid

Updates the OAuth scope with the given Id for the application.

idempotent

Capability Spec

fusionauth-application.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: FusionAuth API — Application
  description: 'FusionAuth API — Application. 20 operations. Lead operation: Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id . Self-contained Naftiko capability covering one business surface.'
  tags:
  - FusionAuth
  - Application
  created: '2026-05-20'
  modified: '2026-05-20'
binds:
- namespace: env
  keys:
    FUSIONAUTH_API_KEY: FUSIONAUTH_API_KEY
capability:
  consumes:
  - type: http
    namespace: fusionauth-application
    baseUri: http://localhost:9011
    description: FusionAuth API — Application business capability. Self-contained, no shared references.
    resources:
    - name: api-application
      path: /api/application
      operations:
      - name: createapplication
        method: POST
        description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: retrieveapplication
        method: GET
        description: 'Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id '
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: inactive
          in: query
          type: string
          description: query parameter inactive.
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
    - name: api-application-search
      path: /api/application/search
      operations:
      - name: searchapplicationswithid
        method: POST
        description: Searches applications with the specified criteria and pagination.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
    - name: api-application-applicationid
      path: /api/application/{applicationId}
      operations:
      - name: createapplicationwithid
        method: POST
        description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id to use for the application. If not provided a secure random UUID will be generated.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: deleteapplicationwithid
        method: DELETE
        description: Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, a
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: hardDelete
          in: query
          type: string
          description: query parameter hardDelete.
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to delete.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
      - name: patchapplicationwithid
        method: PATCH
        description: Updates, via PATCH, the application with the given Id.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: updateapplicationwithid
        method: PUT
        description: Updates the application with the given Id. OR Reactivates the application with the given Id.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: reactivate
          in: query
          type: string
          description: query parameter reactivate.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: retrieveapplicationwithid
        method: GET
        description: Retrieves the application for the given Id or all the applications if the Id is null.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The application Id.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
    - name: api-application-applicationid-oauth-configuration
      path: /api/application/{applicationId}/oauth-configuration
      operations:
      - name: retrieveoauthconfigurationwithid
        method: GET
        description: Retrieves the Oauth2 configuration for the application for the given Application Id.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the Application to retrieve OAuth configuration.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
    - name: api-application-applicationid-role
      path: /api/application/{applicationId}/role
      operations:
      - name: createapplicationrole
        method: POST
        description: 'Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify '
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to create the role on.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
    - name: api-application-applicationid-role-roleid
      path: /api/application/{applicationId}/role/{roleId}
      operations:
      - name: createapplicationrolewithid
        method: POST
        description: 'Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify '
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to create the role on.
          required: true
        - name: roleId
          in: path
          type: string
          description: The Id of the role. If not provided a secure random UUID will be generated.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: deleteapplicationrolewithid
        method: DELETE
        description: Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the g
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the role belongs to.
          required: true
        - name: roleId
          in: path
          type: string
          description: The Id of the role to delete.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
      - name: patchapplicationrolewithid
        method: PATCH
        description: Updates, via PATCH, the application role with the given Id for the application.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the role belongs to.
          required: true
        - name: roleId
          in: path
          type: string
          description: The Id of the role to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: updateapplicationrolewithid
        method: PUT
        description: Updates the application role with the given Id for the application.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the role belongs to.
          required: true
        - name: roleId
          in: path
          type: string
          description: The Id of the role to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
    - name: api-application-applicationid-scope
      path: /api/application/{applicationId}/scope
      operations:
      - name: createoauthscope
        method: POST
        description: Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to create the OAuth scope on.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
    - name: api-application-applicationid-scope-scopeid
      path: /api/application/{applicationId}/scope/{scopeId}
      operations:
      - name: createoauthscopewithid
        method: POST
        description: Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application to create the OAuth scope on.
          required: true
        - name: scopeId
          in: path
          type: string
          description: The Id of the OAuth scope. If not provided a secure random UUID will be generated.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: deleteoauthscopewithid
        method: DELETE
        description: Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the OAuth scope belongs to.
          required: true
        - name: scopeId
          in: path
          type: string
          description: The Id of the OAuth scope to delete.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
      - name: patchoauthscopewithid
        method: PATCH
        description: Updates, via PATCH, the custom OAuth scope with the given Id for the application.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the OAuth scope belongs to.
          required: true
        - name: scopeId
          in: path
          type: string
          description: The Id of the OAuth scope to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
      - name: retrieveoauthscopewithid
        method: GET
        description: Retrieves a custom OAuth scope.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the OAuth scope belongs to.
          required: true
        - name: scopeId
          in: path
          type: string
          description: The Id of the OAuth scope to retrieve.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
      - name: updateoauthscopewithid
        method: PUT
        description: Updates the OAuth scope with the given Id for the application.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: applicationId
          in: path
          type: string
          description: The Id of the application that the OAuth scope belongs to.
          required: true
        - name: scopeId
          in: path
          type: string
          description: The Id of the OAuth scope to update.
          required: true
        - name: X-FusionAuth-TenantId
          in: header
          type: string
          description: The unique Id of the tenant used to scope this API request. Only required when there is more than one tenant and the API key is not tenant-scoped.
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: false
  exposes:
  - type: rest
    namespace: fusionauth-application-rest
    port: 8080
    description: REST adapter for FusionAuth API — Application. One resource per consumed operation, prefixed with /v1.
    resources:
    - path: /v1/api/application
      name: api-application
      description: REST surface for api-application.
      operations:
      - method: POST
        name: createapplication
        description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
        call: fusionauth-application.createapplication
        with:
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: retrieveapplication
        description: 'Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id '
        call: fusionauth-application.retrieveapplication
        with:
          inactive: rest.inactive
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/search
      name: api-application-search
      description: REST surface for api-application-search.
      operations:
      - method: POST
        name: searchapplicationswithid
        description: Searches applications with the specified criteria and pagination.
        call: fusionauth-application.searchapplicationswithid
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}
      name: api-application-applicationid
      description: REST surface for api-application-applicationid.
      operations:
      - method: POST
        name: createapplicationwithid
        description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
        call: fusionauth-application.createapplicationwithid
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteapplicationwithid
        description: Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, a
        call: fusionauth-application.deleteapplicationwithid
        with:
          hardDelete: rest.hardDelete
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: patchapplicationwithid
        description: Updates, via PATCH, the application with the given Id.
        call: fusionauth-application.patchapplicationwithid
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateapplicationwithid
        description: Updates the application with the given Id. OR Reactivates the application with the given Id.
        call: fusionauth-application.updateapplicationwithid
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          reactivate: rest.reactivate
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: retrieveapplicationwithid
        description: Retrieves the application for the given Id or all the applications if the Id is null.
        call: fusionauth-application.retrieveapplicationwithid
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}/oauth-configuration
      name: api-application-applicationid-oauth-configuration
      description: REST surface for api-application-applicationid-oauth-configuration.
      operations:
      - method: GET
        name: retrieveoauthconfigurationwithid
        description: Retrieves the Oauth2 configuration for the application for the given Application Id.
        call: fusionauth-application.retrieveoauthconfigurationwithid
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}/role
      name: api-application-applicationid-role
      description: REST surface for api-application-applicationid-role.
      operations:
      - method: POST
        name: createapplicationrole
        description: 'Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify '
        call: fusionauth-application.createapplicationrole
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}/role/{roleId}
      name: api-application-applicationid-role-roleid
      description: REST surface for api-application-applicationid-role-roleid.
      operations:
      - method: POST
        name: createapplicationrolewithid
        description: 'Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify '
        call: fusionauth-application.createapplicationrolewithid
        with:
          applicationId: rest.applicationId
          roleId: rest.roleId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteapplicationrolewithid
        description: Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the g
        call: fusionauth-application.deleteapplicationrolewithid
        with:
          applicationId: rest.applicationId
          roleId: rest.roleId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: patchapplicationrolewithid
        description: Updates, via PATCH, the application role with the given Id for the application.
        call: fusionauth-application.patchapplicationrolewithid
        with:
          applicationId: rest.applicationId
          roleId: rest.roleId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateapplicationrolewithid
        description: Updates the application role with the given Id for the application.
        call: fusionauth-application.updateapplicationrolewithid
        with:
          applicationId: rest.applicationId
          roleId: rest.roleId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}/scope
      name: api-application-applicationid-scope
      description: REST surface for api-application-applicationid-scope.
      operations:
      - method: POST
        name: createoauthscope
        description: Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
        call: fusionauth-application.createoauthscope
        with:
          applicationId: rest.applicationId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/application/{applicationId}/scope/{scopeId}
      name: api-application-applicationid-scope-scopeid
      description: REST surface for api-application-applicationid-scope-scopeid.
      operations:
      - method: POST
        name: createoauthscopewithid
        description: Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can opti
        call: fusionauth-application.createoauthscopewithid
        with:
          applicationId: rest.applicationId
          scopeId: rest.scopeId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteoauthscopewithid
        description: Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's
        call: fusionauth-application.deleteoauthscopewithid
        with:
          applicationId: rest.applicationId
          scopeId: rest.scopeId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: patchoauthscopewithid
        description: Updates, via PATCH, the custom OAuth scope with the given Id for the application.
        call: fusionauth-application.patchoauthscopewithid
        with:
          applicationId: rest.applicationId
          scopeId: rest.scopeId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: retrieveoauthscopewithid
        description: Retrieves a custom OAuth scope.
        call: fusionauth-application.retrieveoauthscopewithid
        with:
          applicationId: rest.applicationId
          scopeId: rest.scopeId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateoauthscopewithid
        description: Updates the OAuth scope with the given Id for the application.
        call: fusionauth-application.updateoauthscopewithid
        with:
          applicationId: rest.applicationId
          scopeId: rest.scopeId
          X-FusionAuth-TenantId: rest.X-FusionAuth-TenantId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: fusionauth-application-mcp
    port: 9090
    transport: http
    description: MCP adapter for FusionAuth API — Application. One tool per consumed operation, routed inline through this capability's consumes block.
    tools:
    - name: fusionauth-createapplication
      description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: fusionauth-application.createapplication
      with:
        X-FusionAuth-TenantId: tools.X-FusionAuth-TenantId
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: fusionauth-retrieveapplication
      description: 'Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id '
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: fusionauth-application.retrieveapplication
      with:
        inactive: tools.inactive
        X-FusionAuth-TenantId: tools.X-FusionAuth-TenantId
      outputParameters:
      - type: object
        mapping: $.
    - name: fusionauth-searchapplicationswithid
      description: Searches applications with the specified criteria and pagination.
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: fusionauth-application.searchapplicationswithid
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: fusionauth-createapplicationwithid
      description: Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: fusionauth-application.createapplicationwithid
      with:
        applicationId: tools.applicationId
        X-FusionAuth-TenantId: tools.X-FusionAuth-TenantId
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: fusionauth-deleteapplicationwithid
      description: Hard deletes an application. This is a dangerous operation and should

# --- truncated at 32 KB (40 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/fusionauth/refs/heads/main/capabilities/fusionauth-application.yaml