---
descriptions:
  connect_application:
    self: A Connect Application object.
    object: Always "connect_application".
    id: Unique identifier for the application.
    client_id: OAuth client ID for the application.
    name: Name of the application.
    description: Description of the application.
    application_type: Type of application - either "oauth" or "m2m".
    scopes: Permission slugs assigned to the application.
    created_at: ISO 8601 timestamp of creation.
    updated_at: ISO 8601 timestamp of last update.
    redirect_uris: Redirect URIs configured for OAuth applications.
    uses_pkce: Whether the OAuth application uses PKCE (Proof Key for Code Exchange).
    is_first_party: |
      Whether this is a first-party OAuth application.

      This is false for third-party applications which are owned by an
      Organization.
    was_dynamically_registered: >
      Whether the OAuth application was dynamically registered.


      Read more about Dynamic Client Registration and MCP auth in [our
      guide](/authkit/mcp/integrating/enabling-client-id-metadata-document).
    organization_id: |
      The organization ID this application belongs to.

      First-party applications are managed by you, do not belong to an
      Organization, and therefore will not have an `organization_id`.
originalPath: >-
  .tmp-workos-clone/packages/docs/content/reference/workos-connect/applications/index.mdx
---

# Applications

The Applications API allows you to programmatically manage Connect Applications and their associated client secrets.

WorkOS Connect supports two types of applications: [OAuth](/reference/workos-connect/applications/oauth) and Machine-to-Machine [M2M](/reference/workos-connect/applications/m2m).