wso2 · lasanthaS · Jun 22, 2026 · Jun 21, 2026 · Jun 21, 2026 · Jun 21, 2026
@@ -72,9 +72,10 @@ Base URLs:
 
 ### [Applications](applications.md)
 
-- [Create an application for the authenticated user's organization](applications.md#create-an-application-for-the-authenticated-users-organization)
-- [Update an application for the authenticated user](applications.md#update-an-application-for-the-authenticated-user)
-- [Delete an application for the authenticated user](applications.md#delete-an-application-for-the-authenticated-user)
+- [List applications for the authenticated user](applications.md#list-applications-for-the-authenticated-user)
+- [Create an application](applications.md#create-an-application)
+- [Update an application](applications.md#update-an-application)
+- [Delete an application](applications.md#delete-an-application)
 
 ### [Subscriptions](subscriptions.md)
 

@@ -4,13 +4,13 @@
 
 <a id="opIdgenerateApplicationKeys"></a>
 
-`POST /applications/{applicationId}/generate-keys`
+`POST /o/{orgId}/devportal/v1/applications/{applicationId}/generate-keys`
 
 > Code samples
 
 ```shell
 
-curl -X POST https://devportal.api-platform.io/applications/{applicationId}/generate-keys \
+curl -X POST https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId}/generate-keys \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -51,6 +51,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[AppKeyMappingRequest](schemas.md#schemaappkeymappingrequest)|true|OAuth key generation payload. The application is identified by the `applicationId` path parameter.|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 
 > Example responses
@@ -144,13 +145,13 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 <a id="opIdgenerateOAuthKeys"></a>
 
-`POST /applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token`
+`POST /o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token`
 
 > Code samples
 
 ```shell
 
-curl -X POST https://devportal.api-platform.io/applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token \
+curl -X POST https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -185,6 +186,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[OAuthGenerateTokenRequest](schemas.md#schemaoauthgeneratetokenrequest)|false|OAuth token generation payload. The portal calls the Authorization Server token endpoint directly.|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 |keyMappingId|path|string|true|none|
 
@@ -262,13 +264,13 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 <a id="opIdrevokeOAuthKeys"></a>
 
-`DELETE /applications/{applicationId}/oauth-keys/{keyMappingId}`
+`DELETE /o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}`
 
 > Code samples
 
 ```shell
 
-curl -X DELETE https://devportal.api-platform.io/applications/{applicationId}/oauth-keys/{keyMappingId} \
+curl -X DELETE https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId} \
   -u {username}:{password} \
   -H 'Accept: application/json' \
   -H 'Authorization: Bearer {access-token}'
@@ -288,6 +290,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 |keyMappingId|path|string|true|none|
 
@@ -335,13 +338,13 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 <a id="opIdupdateOAuthKeys"></a>
 
-`PUT /applications/{applicationId}/oauth-keys/{keyMappingId}`
+`PUT /o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}`
 
 > Code samples
 
 ```shell
 
-curl -X PUT https://devportal.api-platform.io/applications/{applicationId}/oauth-keys/{keyMappingId} \
+curl -X PUT https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId} \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -377,6 +380,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[OAuthKeyUpdateRequest](schemas.md#schemaoauthkeyupdaterequest)|false|OAuth key update payload forwarded to the configured key manager.|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 |keyMappingId|path|string|true|none|
 
@@ -460,13 +464,13 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 <a id="opIdcleanUpOAuthKeys"></a>
 
-`POST /applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up`
+`POST /o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up`
 
 > Code samples
 
 ```shell
 
-curl -X POST https://devportal.api-platform.io/applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up \
+curl -X POST https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -498,6 +502,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[OAuthKeyCleanUpRequest](schemas.md#schemaoauthkeycleanuprequest)|false|OAuth cleanup payload forwarded to the configured key manager.|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 |keyMappingId|path|string|true|none|
 

@@ -1,16 +1,103 @@
 <h1 id="wso2-api-developer-portal-core-devportal-routes-applications">Applications</h1>
 
-## Create an application for the authenticated user's organization
+## List applications for the authenticated user
+
+<a id="opIdlistApplications"></a>
+
+`GET /o/{orgId}/devportal/v1/applications`
+
+> Code samples
+
+```shell
+
+curl -X GET https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications \
+  -u {username}:{password} \
+  -H 'Accept: application/json' \
+  -H 'Authorization: Bearer {access-token}'
+
+```
+
+Returns all applications owned by the authenticated user in the specified organization.
+
+### Authentication
+
+<aside class="warning">
+This operation requires <strong>Basic Auth</strong> authentication.
+
+</aside>
+
+<h3 id="list-applications-for-the-authenticated-user-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|orgId|path|string|true|none|
+
+> Example responses
+
+> 200 Response
+
+```json
+[
+  {
+    "id": "app-12345",
+    "name": "Weather App",
+    "description": "Application used to call Weather APIs.",
+    "type": "WEB",
+    "appMap": [
+      {
+        "appRefID": "cp-app-98765",
+        "token": "OAUTH",
+        "shared": true
+      }
+    ]
+  }
+]
+```
+
+> 500 Response
+
+```json
+{
+  "code": "500",
+  "message": "Internal Server Error",
+  "description": "Internal Server Error"
+}
+```
+
+<h3 id="list-applications-for-the-authenticated-user-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|List of application DTOs.|Inline|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|Internal server error.|[ErrorResponse](schemas.md#schemaerrorresponse)|
+
+<h3 id="list-applications-for-the-authenticated-user-responseschema">Response Schema</h3>
+
+Status Code **200**
+
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|*anonymous*|[[ApplicationResponse](schemas.md#schemaapplicationresponse)]|false|none|none|
+|» id|string|false|none|none|
+|» name|string|false|none|none|
+|» description|string|false|none|none|
+|» type|string|false|none|none|
+|» appMap|[[ApplicationKeyMappingSummary](schemas.md#schemaapplicationkeymappingsummary)]|false|none|none|
+|»» appRefID|string|false|none|none|
+|»» token|string|false|none|none|
+|»» shared|boolean|false|none|none|
+
+## Create an application
 
 <a id="opIdsaveApplication"></a>
 
-`POST /applications`
+`POST /o/{orgId}/devportal/v1/applications`
 
 > Code samples
 
 ```shell
 
-curl -X POST https://devportal.api-platform.io/applications \
+curl -X POST https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -19,7 +106,7 @@ curl -X POST https://devportal.api-platform.io/applications \
 
 ```
 
-Creates a Developer Portal application in the organization resolved from the authenticated user's organization identifier. The request may be JSON, multipart form fields, or an application YAML file in the `application` multipart field.
+Creates a Developer Portal application in the specified organization. The request may be JSON, multipart form fields, or an application YAML file in the `application` multipart field.
 
 > Payload
 
@@ -45,11 +132,12 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 </aside>
 
-<h3 id="create-an-application-for-the-authenticated-user's-organization-parameters">Parameters</h3>
+<h3 id="create-an-application-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[ApplicationRequest](schemas.md#schemaapplicationrequest)|true|Application payload. Send JSON, multipart form fields, or an application YAML file in the `application` field. When YAML is used, the service reads `spec.displayName` or `metadata.name` as the application name and `spec.description` as the description.|
+|orgId|path|string|true|none|
 
 > Example responses
 
@@ -110,7 +198,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 }
 ```
 
-<h3 id="create-an-application-for-the-authenticated-user's-organization-responses">Responses</h3>
+<h3 id="create-an-application-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
@@ -119,19 +207,19 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |409|[Conflict](https://tools.ietf.org/html/rfc7231#section-6.5.8)|Duplicate organization data conflicts with an existing record.|[ErrorResponse](schemas.md#schemaerrorresponse)|
 |500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|Internal server error.|[ErrorResponse](schemas.md#schemaerrorresponse)|
 
-<h3 id="create-an-application-for-the-authenticated-user's-organization-responseschema">Response Schema</h3>
+<h3 id="create-an-application-responseschema">Response Schema</h3>
 
-## Update an application for the authenticated user
+## Update an application
 
 <a id="opIdupdateApplication"></a>
 
-`PUT /applications/{applicationId}`
+`PUT /o/{orgId}/devportal/v1/applications/{applicationId}`
 
 > Code samples
 
 ```shell
 
-curl -X PUT https://devportal.api-platform.io/applications/{applicationId} \
+curl -X PUT https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId} \
   -u {username}:{password} \
   -H 'Content-Type: application/json' \
   -H 'Accept: application/json' \
@@ -140,7 +228,7 @@ curl -X PUT https://devportal.api-platform.io/applications/{applicationId} \
 
 ```
 
-Updates an application owned by the authenticated user in the organization resolved from the authenticated user's organization identifier. The request may be JSON, multipart form fields, or an application YAML file in the `application` multipart field.
+Updates an application owned by the authenticated user in the specified organization. The request may be JSON, multipart form fields, or an application YAML file in the `application` multipart field.
 
 > Payload
 
@@ -166,11 +254,12 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 </aside>
 
-<h3 id="update-an-application-for-the-authenticated-user-parameters">Parameters</h3>
+<h3 id="update-an-application-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
 |body|body|[ApplicationRequest](schemas.md#schemaapplicationrequest)|true|Application payload. Send JSON, multipart form fields, or an application YAML file in the `application` field. When YAML is used, the service reads `spec.displayName` or `metadata.name` as the application name and `spec.description` as the description.|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 
 > Example responses
@@ -242,7 +331,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 }
 ```
 
-<h3 id="update-an-application-for-the-authenticated-user-responses">Responses</h3>
+<h3 id="update-an-application-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
@@ -252,19 +341,19 @@ This operation requires <strong>Basic Auth</strong> authentication.
 |409|[Conflict](https://tools.ietf.org/html/rfc7231#section-6.5.8)|Duplicate organization data conflicts with an existing record.|[ErrorResponse](schemas.md#schemaerrorresponse)|
 |500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|Internal server error.|[ErrorResponse](schemas.md#schemaerrorresponse)|
 
-<h3 id="update-an-application-for-the-authenticated-user-responseschema">Response Schema</h3>
+<h3 id="update-an-application-responseschema">Response Schema</h3>
 
-## Delete an application for the authenticated user
+## Delete an application
 
 <a id="opIddeleteApplication"></a>
 
-`DELETE /applications/{applicationId}`
+`DELETE /o/{orgId}/devportal/v1/applications/{applicationId}`
 
 > Code samples
 
 ```shell
 
-curl -X DELETE https://devportal.api-platform.io/applications/{applicationId} \
+curl -X DELETE https://devportal.api-platform.io/o/{orgId}/devportal/v1/applications/{applicationId} \
   -u {username}:{password} \
   -H 'Accept: text/plain' \
   -H 'Authorization: Bearer {access-token}'
@@ -280,10 +369,11 @@ This operation requires <strong>Basic Auth</strong> authentication.
 
 </aside>
 
-<h3 id="delete-an-application-for-the-authenticated-user-parameters">Parameters</h3>
+<h3 id="delete-an-application-parameters">Parameters</h3>
 
 |Name|In|Type|Required|Description|
 |---|---|---|---|---|
+|orgId|path|string|true|none|
 |applicationId|path|string|true|none|
 
 > Example responses
@@ -314,7 +404,7 @@ This operation requires <strong>Basic Auth</strong> authentication.
 }
 ```
 
-<h3 id="delete-an-application-for-the-authenticated-user-responses">Responses</h3>
+<h3 id="delete-an-application-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|