# Update an existing application from ZIP file

Updates an existing application by uploading a new ZIP archive. The application manifest in the ZIP must match the existing application ID. Requires authentication and the Apps.Manage RBAC permission. The update is logged in the audit trail.

RBAC: requires Apps.Manage

Endpoint: PUT /api/v1/apps/{appId}
Version: 1.0
Security: header

## Path parameters:

  - `appId` (string, required)
    UUID with type prefix
    Example: "us_01hxcvk1hjexere4pvtrj0ymqq"

## Query parameters:

  - `enable` (boolean,null)
    Automatically enable the application after successful update. Default is false.

## Request fields (multipart/form-data):

  - `file` (string, required)

## Response 200 fields (application/json):

  - `id` (string, required)
    UUID with type prefix
    Example: "us_01hxcvk1hjexere4pvtrj0ymqq"

  - `name` (string, required)

  - `manifest` (object, required)

  - `manifest.id` (string, required)

  - `manifest.name` (string, required)

  - `manifest.description` (string, required)

  - `manifest.version` (string, required)

  - `manifest.releasedOn` (string, required)
    Example: "2022-03-10T16:15:50Z"

  - `manifest.developer` (object, required)

  - `manifest.developer.name` (string, required)

  - `manifest.developer.website` (string, required)

  - `manifest.icons` (array)

  - `manifest.previews` (array)

  - `manifest.routes` (array)

  - `manifest.routes.path` (string, required)

  - `manifest.routes.handler` (string,null, required)

  - `manifest.routes.description` (string,null, required)

  - `manifest.routes.entryPointFor` (string,null)
    Enum: "GLOBAL", "USER", "GROUP"

  - `manifest.routes.order` (integer)

  - `manifest.routes.permissions` (object,null)

  - `manifest.routes.permissions.anyOf` (array,null)

  - `manifest.routes.permissions.anyOf.resource` (string, required)
    The type-safe resource being controlled
    Enum: "AIAgents", "AIModels", "AIProviders", "AdminSettings", "AppData", "Apps", "Audit", "Data", "Emojis", "Federation", "Group", "GroupAIAgents", "GroupAIModels", "GroupAIProviders", "GroupApps", "GroupChannels", "GroupData", "GroupMembers", "GroupQuestions", "GroupReports", "GroupRoles", "GroupSettings", "Integrations", "Jobs", "Reports", "Roles", "Rules", "Signups", "Uploads", "Users"

  - `manifest.routes.permissions.anyOf.actions` (array, required)
    List of allowed type-safe actions for this resource
    Enum: "Delete", "Impersonate", "Invite", "Manage", "Moderate", "Post", "PostAsChannel", "PostsRead", "Read", "UpdateStats"

  - `manifest.routes.permissions.allOf` (array,null)

  - `manifest.routes.permissions.allOf.resource` (string, required)
    The type-safe resource being controlled
    Enum: "AIAgents", "AIModels", "AIProviders", "AdminSettings", "AppData", "Apps", "Audit", "Data", "Emojis", "Federation", "Group", "GroupAIAgents", "GroupAIModels", "GroupAIProviders", "GroupApps", "GroupChannels", "GroupData", "GroupMembers", "GroupQuestions", "GroupReports", "GroupRoles", "GroupSettings", "Integrations", "Jobs", "Reports", "Roles", "Rules", "Signups", "Uploads", "Users"

  - `manifest.routes.permissions.allOf.actions` (array, required)
    List of allowed type-safe actions for this resource
    Enum: "Delete", "Impersonate", "Invite", "Manage", "Moderate", "Post", "PostAsChannel", "PostsRead", "Read", "UpdateStats"

  - `manifest.visibility` (string)
    Enum: "PUBLIC", "UNLISTED"

  - `manifest.type` (string)
    Enum: "REGULAR", "ERROR", "TOOLBAR"

  - `manifest.trust-level` (string)
    Enum: "STANDARD", "TRUSTED", "SYSTEM"

  - `manifest.standard` (boolean)

  - `enabled` (boolean)

  - `updatedAt` (string, required)
    Example: "2022-03-10T16:15:50Z"

## Response 400 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation

## Response 401 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation

## Response 403 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation

## Response 404 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation


