Authorization added
SSE event emitted when a user grants your application an authorization for a tenant
event: AUTHORIZATION_ADDEDEmitted when a user grants your application an authorization for a tenant. Use it as the server-side counterpart to the OAuth consent redirect, so that long-lived backends can react to new authorizations without parsing the redirect URL on the user-facing side.
An authorization is uniquely identified by the triple (tenant_id, application_id, scope). The application_id is implicit from the authenticated subscription on the SSE connection; tenant_id and scope are explicit on the event. At present, the only scope in use is endpoints:manage. Additional scopes may be introduced in future revisions; if so, treat authorizations with different scopes as distinct, even when tenant_id matches.
Data fields
| Field | Type | Required | Description |
|---|---|---|---|
event_type | string (AUTHORIZATION_ADDED) | yes | Discriminator; matches the event: line. |
tenant | TenantInfo | yes | The tenant for which the authorization was added, with its currently visible endpoints. |
scope | string | yes | The OAuth scope granted. Today the only value in use is endpoints:manage. |
tenant.endpoints follows the same privacy rule as elsewhere in the API: until your application has at least one of its own endpoints in this tenant, the array is empty even if other endpoints exist there.
Sample frame
event: AUTHORIZATION_ADDED
data: {"event_type":"AUTHORIZATION_ADDED","tenant":{"tenant_id":"12345678-abcd-ef01-2345-6789abcdef01","endpoints":[]},"scope":"endpoints:manage"}