Update application data
To update the details for an existing application, you must send a PUT request to the /register endpoint.
In the request, you must include the JSON Web Token (JWT) of your application.
To learn how to obtain the JWT, review the information in Register your application using DCR: Create a JWT.
Request
Requests must be authenticated with an access token with any valid scope (accounts, payments or openid) and must contain the Client ID of the application.
You also need to provide the updated JWT of your application.
| Parameter | Description |
|---|---|
access_token | Access token. |
client_id | Client ID of your application. |
updated_JWT | Updated JWT of your application. |
JWS | JSON Web Signature. |
To learn how to create a JWS, see Work with JSON Web Signatures.
If you get certificate errors when using curl with Sandbox, it usually means your system doesn�t trust our certificate issuer. The recommended approach is to add the certificate to your trusted store.
As a quick workaround, you can use the -k (or --insecure) option to skip certificate checks. Be aware this disables all SSL verification, which can hide issues like expired or mismatched certificates and leaves you vulnerable to man-in-the-middle attacks. For these reasons, avoid using -k in production or as a permanent solution.
Example
curl -X PUT https://oba-auth.revolut.com/register/<client_id> \
--cert transport.pem --key private.key \
-H 'Authorization: Bearer <access_token>'
-H 'x-jws-signature: <JWS>' \
--data '<updated_JWT>'
Response
The response contains a JSON object with the updated details for your application:
| JWT payload | Description |
|---|---|
client_id | The Client ID of your application. |
token_endpoint_auth_method | The authentication method. Always tls_client_auth. |
tls_client_auth_dn | The distinguished name (DN) of the transport certificate. |
id_token_signed_response_alg | The signing algorithm used to sign the id_token JWTs. Currently, only PS256 is supported. |
request_object_signing_alg | The signing algorithm used to sign request objects. Currently, only PS256 is supported. |
redirect_uris | List of allowed redirect URIs. |
org_jwks_endpoint | Your JWKs endpoint. |
org_name | Your organisation name. |
scope | List of scopes currently assigned to your application. |
Example
{
"client_id": "<your client_id>",
"token_endpoint_auth_method": "tls_client_auth",
"tls_client_auth_dn": "<your DN value>",
"id_token_signed_response_alg": "PS256",
"request_object_signing_alg": "PS256",
"redirect_uris": [
"https://example.com/callback_url",
"https://example.com/another_callback_url"
],
"org_jwks_endpoint": "<your jwks_url>",
"org_name": "<your org_name>",
"scope": [
"openid",
"accounts",
"payments"
]
}