Registering Your App

A step-by-step guide to registering your application, filling in the right details, and setting up access grants.

Before You Register#

Before registering, make sure you have the following information ready:

A clear app name — something other developers will recognize. Avoid internal codenames.
A short description — one or two sentences about what the app does.
Your app's base URL— where the API is hosted. This can be added later if you're not deployed yet.
○Documentation URL (optional) — a link to your API docs if they exist.
○LLM documentation URL (optional) — a link to machine-readable docs for AI assistants (e.g., an llms.txt file).

Registration Steps#

Go to the Applications dashboard

Log in to EDS and navigate to Dashboard → Applications. You'll see a list of all registered apps. Click the "Register App" button in the top right.

Fill in your app details

Give your app a clear, recognizable name that other developers will understand (e.g., "Inventory Tracker" not "inv-svc-v2"). Add a description explaining what the app does and who uses it. This helps other teams discover your app and understand whether they should integrate with it.

Add your base URL

Enter the URL where your app's API is accessible (e.g., https://inventory.internal.jlstradingco.com). This is informational — it helps other developers know where to reach your app. It's not used by EDS for any automated purpose.

Add documentation URLs (optional but recommended)

If your app has developer documentation, add the URL. If you have machine-readable documentation for AI assistants (like an llms.txt file), add that in the LLM Documentation URL field. These links appear on your app's detail page so other developers (and AI tools) can learn how to use your API.

Submit the registration

Click "Register Application." You'll be redirected to your app's detail page. Your app is now visible in the catalog and you're set as the owner. Your app's unique ID is shown in the URL — you'll need this later when other apps verify tokens meant for you.

After Registration: What to Do Next#

Once your app is registered, here's what you should do depending on your situation:

If your app needs to call another app#

You need to create an access grant and generate a token:

Open your app's detail page

Go to Dashboard → Applications and click on your app. Scroll down to the "Access Grants" section.

Select the target app

In the Outbound tab, use the dropdown to select the app you want your app to call. Only active apps that you don't already have a grant for will appear in the list.

Click "Create Grant"

This creates a one-directional access grant from your app to the target app. The target app's owner will see your app listed in their Inbound grants tab. No approval from the target app owner is needed — grants are self-serve.

After creating the grant, generate a token by clicking "Generate Token" on the grant row. See the Access Tokens & Verification page for details on how to use and manage tokens.

If other apps need to call your app#

You don't need to do anything in the dashboard — the calling app's owner creates the grant from their side. What you do need to do is set up token verification in your app so you can authenticate incoming requests.

Your checklist:

1.Note your app's ID from the URL of your app's detail page (e.g., /dashboard/applications/abc-123-def).
2.Install the jose library in your app (npm install jose).
3.Add token verification middleware to your API routes. See the verification code examples.
4.Check the Inbound tab on your app's detail page to see which apps have been granted access to call you.

If your app both calls and receives calls#

Do both of the above. Create outbound grants and generate tokens for the apps you call, and set up token verification for incoming requests. Each direction is independent — the grant for App A → App B has nothing to do with the grant for App B → App A.

Managing Your App#

Updating details#

You can update your app's name, description, URLs, and status at any time from the detail page. Only the app owner and admins can make changes.

Revoking a grant#

On the Outbound tab, click "Revoke" next to any grant. This immediately prevents new tokens from being generated for that grant. Note that tokens already issued will remain valid until they expire (up to 1 year). If you need to block access immediately, the target app should also remove the token from its allowlist or rotate its verification logic.

Deprecating or disabling your app#

If your app is being retired, change its status to deprecated (still functional but not recommended) or disabled(no longer in use). Disabled apps won't appear in the grant creation dropdown, so no new grants can target them.

Tips for a Good Registration#

*Use a human-readable name. "Inventory Tracker" is better than "inv-svc-prod". Other developers will see this in the catalog.
*Write a clear description. Explain what the app does, not how it's built. "Tracks warehouse inventory levels and generates reorder alerts" is better than "Node.js microservice using PostgreSQL."
*Add documentation links. Even a simple README link helps. If you have an OpenAPI spec or llms.txt, include it in the LLM documentation URL field — this makes your app accessible to AI assistants.
*Keep your info current. If your app moves to a new URL or you update your docs, update the registration. Stale information is worse than no information.

What about the old /developers/applications page?

If you were previously using the App Registry Protocol page, that page still exists as a technical quick-reference. These new pages provide more detailed, step-by-step guidance.