:doc:`SSOAdmin <../../sso-admin>` / Client / create_application

******************
create_application
******************



.. py:method:: SSOAdmin.Client.create_application(**kwargs)

  

  Creates an OAuth 2.0 customer managed application in IAM Identity Center for the given application provider.

   

  .. note::

    

    This API does not support creating SAML 2.0 customer managed applications or Amazon Web Services managed applications. To learn how to create an Amazon Web Services managed application, see the application user guide. You can create a SAML 2.0 customer managed application in the Amazon Web Services Management Console only. See `Setting up customer managed SAML 2.0 applications <https://docs.aws.amazon.com/singlesignon/latest/userguide/customermanagedapps-saml2-setup.html>`__. For more information on these application types, see `Amazon Web Services managed applications <https://docs.aws.amazon.com/singlesignon/latest/userguide/awsapps.html>`__.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/sso-admin-2020-07-20/CreateApplication>`_  


  **Request Syntax**
  ::

    response = client.create_application(
        InstanceArn='string',
        ApplicationProviderArn='string',
        Name='string',
        Description='string',
        PortalOptions={
            'SignInOptions': {
                'Origin': 'IDENTITY_CENTER'|'APPLICATION',
                'ApplicationUrl': 'string'
            },
            'Visibility': 'ENABLED'|'DISABLED'
        },
        Tags=[
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        Status='ENABLED'|'DISABLED',
        ClientToken='string'
    )
    
  :type InstanceArn: string
  :param InstanceArn: **[REQUIRED]** 

    The ARN of the instance of IAM Identity Center under which the operation will run. For more information about ARNs, see `Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces </general/latest/gr/aws-arns-and-namespaces.html>`__ in the *Amazon Web Services General Reference*.

    

  
  :type ApplicationProviderArn: string
  :param ApplicationProviderArn: **[REQUIRED]** 

    The ARN of the application provider under which the operation will run.

    

  
  :type Name: string
  :param Name: **[REQUIRED]** 

    The name of the .

    

  
  :type Description: string
  :param Description: 

    The description of the .

    

  
  :type PortalOptions: dict
  :param PortalOptions: 

    A structure that describes the options for the portal associated with an application.

    

  
    - **SignInOptions** *(dict) --* 

      A structure that describes the sign-in options for the access portal.

      

    
      - **Origin** *(string) --* **[REQUIRED]** 

        This determines how IAM Identity Center navigates the user to the target application. It can be one of the following values:

         

        
        * ``APPLICATION``: IAM Identity Center redirects the customer to the configured ``ApplicationUrl``.
         
        * ``IDENTITY_CENTER``: IAM Identity Center uses SAML identity-provider initiated authentication to sign the customer directly into a SAML-based application.
        

        

      
      - **ApplicationUrl** *(string) --* 

        The URL that accepts authentication requests for an application. This is a required parameter if the ``Origin`` parameter is ``APPLICATION``.

        

      
    
    - **Visibility** *(string) --* 

      Indicates whether this application is visible in the access portal.

      

    
  
  :type Tags: list
  :param Tags: 

    Specifies tags to be attached to the application.

    

  
    - *(dict) --* 

      A set of key-value pairs that are used to manage the resource. Tags can only be applied to permission sets and cannot be applied to corresponding roles that IAM Identity Center creates in Amazon Web Services accounts.

      

    
      - **Key** *(string) --* **[REQUIRED]** 

        The key for the tag.

        

      
      - **Value** *(string) --* **[REQUIRED]** 

        The value of the tag.

        

      
    

  :type Status: string
  :param Status: 

    Specifies whether the application is enabled or disabled.

    

  
  :type ClientToken: string
  :param ClientToken: 

    Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a `UUID type of value <https://wikipedia.org/wiki/Universally_unique_identifier>`__.

     

    If you don't provide this value, then Amazon Web Services generates a random one for you.

     

    If you retry the operation with the same ``ClientToken``, but with different parameters, the retry fails with an ``IdempotentParameterMismatch`` error.

    This field is autopopulated if not provided.

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'ApplicationArn': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **ApplicationArn** *(string) --* 

        Specifies the ARN of the application.

        
  
  **Exceptions**
  
  *   :py:class:`SSOAdmin.Client.exceptions.ServiceQuotaExceededException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.ThrottlingException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.InternalServerException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.ValidationException`

  
  *   :py:class:`SSOAdmin.Client.exceptions.ConflictException`

  