openapi: 3.1.0 info: title: Auth API description: "REST API for managing users, roles, permissions and OAuth2 provider\ \ logins in the platform." contact: name: ILM url: https://www.otilm.com email: info@otilm.com license: name: MIT License url: https://github.com/CZERTAINLY/CZERTAINLY/blob/develop/LICENSE.md version: 2.17.0 x-logo: url: images/ilm-logo.svg externalDocs: description: ILM Documentation url: https://docs.otilm.com servers: - url: https://demo.czertainly.online/api description: CZERTAINLY Demo server tags: - name: User Management description: User Management API - name: Authentication Management description: Authentication Management API - name: OAuth2 Login Management v2 description: OAuth2 Login Management v2 API - name: Role Management description: Role Management API paths: /v1/users/{userUuid}: get: tags: - User Management summary: Get user details operationId: getUser parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "200": description: User details retrieved content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - User Management summary: Update User operationId: updateUser parameters: - name: userUuid in: path description: User UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateUserRequestDto" required: true responses: "200": description: User details updated content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - User Management summary: Delete User operationId: deleteUser parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "204": description: User deleted "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users/{userUuid}/roles/{roleUuid}: put: tags: - User Management summary: Add role to User operationId: addRole parameters: - name: userUuid in: path description: User UUID required: true schema: type: string - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "200": description: User roles updated content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User or Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - User Management summary: Remove role from User operationId: removeRole parameters: - name: userUuid in: path description: User UUID required: true schema: type: string - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "200": description: User roles removed content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User or Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}: get: tags: - Role Management summary: Get role details operationId: getRole parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "200": description: Role details retrieved content: application/json: schema: $ref: "#/components/schemas/RoleDetailDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Role Management summary: Update Role operationId: updateRole parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/RoleRequestDto" required: true responses: "200": description: Role details updated content: application/json: schema: $ref: "#/components/schemas/RoleDetailDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Role Management summary: Delete Role operationId: deleteRole parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "204": description: Role deleted "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}/permissions/{resourceUuid}/objects/{objectUuid}: put: tags: - Role Management summary: Update Resource Objects to a Role operationId: updateResourcePermissionObjects parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string - name: resourceUuid in: path description: Resource UUID required: true schema: type: string - name: objectUuid in: path description: Object UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/ObjectPermissionsRequestDto" required: true responses: "204": description: Resource Objects added "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Role Management summary: Update Resource Objects to a Role operationId: removeResourcePermissionObjects parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string - name: resourceUuid in: path description: Resource UUID required: true schema: type: string - name: objectUuid in: path description: Object UUID required: true schema: type: string responses: "204": description: Resource Objects added "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auth/profile: get: tags: - Authentication Management summary: Profile Authorization operationId: profile responses: "200": description: Authenticate a user content: application/json: schema: $ref: "#/components/schemas/UserProfileDetailDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Authentication Management summary: Update User Profile operationId: updateUserProfile requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateUserRequestDto" required: true responses: "200": description: Authenticate a user content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users: get: tags: - User Management summary: List Users operationId: listUsers responses: "200": description: List of users fetched content: application/json: schema: type: array items: $ref: "#/components/schemas/UserDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] post: tags: - User Management summary: Create User operationId: createUser requestBody: content: application/json: schema: $ref: "#/components/schemas/AddUserRequestDto" required: true responses: "201": description: User details retrieved content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: "Group, Certificate or Attribute definition not found" content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users/identify: post: tags: - User Management summary: Identify User operationId: identifyUser requestBody: content: application/json: schema: $ref: "#/components/schemas/UserIdentificationRequestDto" required: true responses: "200": description: User identified content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles: get: tags: - Role Management summary: List Roles operationId: listRoles responses: "200": description: List of roles fetched content: application/json: schema: type: array items: $ref: "#/components/schemas/RoleDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] post: tags: - Role Management summary: Create Role operationId: createRole requestBody: content: application/json: schema: $ref: "#/components/schemas/RoleRequestDto" required: true responses: "201": description: Role created content: application/json: schema: $ref: "#/components/schemas/RoleDetailDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}/permissions: get: tags: - Role Management summary: Get Permissions of a Role operationId: getRolePermissions parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "200": description: Role permissions retrieved content: application/json: schema: $ref: "#/components/schemas/SubjectPermissionsDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] post: tags: - Role Management summary: Add permissions to Role operationId: savePermissions parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/RolePermissionsRequestDto" required: true responses: "200": description: User roles updated content: application/json: schema: $ref: "#/components/schemas/SubjectPermissionsDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}/permissions/{resourceUuid}/objects: get: tags: - Role Management summary: Get Resource Objects of a Role operationId: getResourcePermissionObjects parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string - name: resourceUuid in: path description: Resource UUID required: true schema: type: string responses: "200": description: Resource Objects retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/ObjectPermissionsDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] post: tags: - Role Management summary: Add Resource Objects to a Role operationId: addResourcePermissionObjects parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string - name: resourceUuid in: path description: Resource UUID required: true schema: type: string requestBody: content: application/json: schema: type: array items: $ref: "#/components/schemas/ObjectPermissionsRequestDto" required: true responses: "204": description: Resource Objects added "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users/{userUuid}/roles: get: tags: - User Management summary: Get User Roles operationId: getUserRoles parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "200": description: User roles retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/RoleDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] patch: tags: - User Management summary: Add roles to User operationId: updateRoles parameters: - name: userUuid in: path description: User UUID required: true schema: type: string requestBody: description: Role UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "200": description: User roles updated content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User or Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users/{userUuid}/enable: patch: tags: - User Management summary: Enable User operationId: enableUser parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "200": description: User enabled content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/users/{userUuid}/disable: patch: tags: - User Management summary: Disable User operationId: disableUser parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "200": description: User disabled content: application/json: schema: $ref: "#/components/schemas/UserDetailDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}/users: get: tags: - Role Management summary: Get Role Users operationId: getRoleUsers parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string responses: "200": description: Role users retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/UserDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] patch: tags: - Role Management summary: Add users to Role operationId: updateUsers parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string requestBody: description: User UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "200": description: Role users updated content: application/json: schema: $ref: "#/components/schemas/RoleDetailDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v2/oauth2/providers: get: tags: - OAuth2 Login Management v2 summary: Get available OAuth2 authentication providers operationId: getOAuth2Providers parameters: - name: error in: query required: false schema: type: string responses: "200": description: Successfully retrieved available login providers content: application/json: schema: type: array items: $ref: "#/components/schemas/LoginProviderDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "404": description: Not Found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "500": description: Internal Server Error security: [] /v2/oauth2/providers/{provider}/login: get: tags: - OAuth2 Login Management v2 summary: Login with OAuth2 provider description: Initiates OAuth2 login flow with the specified provider. Returns a redirect response to the provider's authentication page. operationId: loginWithProvider parameters: - name: provider in: path description: Name of the OAuth2 authentication provider required: true schema: type: string - name: redirect in: query description: Redirect URL to return to after successful authentication required: false schema: type: string responses: "302": description: Redirect to provider's authentication page "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "404": description: Not Found content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "500": description: Internal Server Error security: [] /v1/users/{userUuid}/permissions: get: tags: - User Management summary: Get User permissions operationId: getPermissions parameters: - name: userUuid in: path description: User UUID required: true schema: type: string responses: "200": description: User permissions removed content: application/json: schema: $ref: "#/components/schemas/SubjectPermissionsDto" "404": description: User not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/roles/{roleUuid}/permissions/{resourceUuid}: get: tags: - Role Management summary: Get Resources of a Role operationId: getRoleResourcePermissions parameters: - name: roleUuid in: path description: Role UUID required: true schema: type: string - name: resourceUuid in: path description: Resource UUID required: true schema: type: string responses: "200": description: Role resources retrieved content: application/json: schema: $ref: "#/components/schemas/ResourcePermissionsDto" "404": description: Role not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auth/resources: get: tags: - Authentication Management summary: Get Auth Resources operationId: getAuthResources responses: "200": description: Resources retrieved successfully content: application/json: schema: type: array items: $ref: "#/components/schemas/AuthResourceDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auth/resources/{resourceName}/objects: get: tags: - Authentication Management summary: Get List of objects for Object Access operationId: getObjectsForResource parameters: - name: resourceName in: path description: Resource Name required: true schema: $ref: "#/components/schemas/Resource" responses: "200": description: Objects retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/NameAndUuidDto" "404": description: Resource object not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] components: schemas: ApiKeySecretContent: type: object description: Secret representing an API Key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: API Key content string minLength: 1 required: - content - type title: ApiKeySecretContent AttributeCallback: type: object properties: callbackContext: type: string description: Context part of callback URL callbackMethod: type: string description: HTTP method of the callback. This value is required for connector callbacks and optional only for callbacks defined on resource objects. mappings: type: array description: Mappings for the callback method items: $ref: "#/components/schemas/AttributeCallbackMapping" uniqueItems: true required: - mappings AttributeCallbackMapping: type: object properties: from: type: string description: Name of the attribute whose value is to be used as value of path variable or request param or body field.It is optional and must be set only if value is not set. attributeType: $ref: "#/components/schemas/AttributeType" description: Type of the attribute. It is optional and must be set only if special behaviour is needed. attributeContentType: $ref: "#/components/schemas/AttributeContentType" description: 'Type of the attribute content. ' to: type: string description: Name of the path variable or request param or body field which is to be used to assign value of attribute targets: type: array description: Set of targets for propagating value. items: $ref: "#/components/schemas/AttributeValueTarget" uniqueItems: true value: description: Static value to be propagated to targets. It is optional and is set only if the value is known at attribute creation time. required: - targets - to AttributeConstraintType: type: string enum: - regExp - range - dateTime AttributeContentType: type: string enum: - string - text - integer - boolean - float - date - time - datetime - secret - file - credential - codeblock - object - resource AttributeResource: type: string enum: - certificates - credentials - authorities - entities - locations - secrets AttributeType: type: string enum: - data - group - info - meta - custom AttributeValueTarget: type: string enum: - pathVariable - requestParameter - body - filter AttributeVersion: type: string enum: - v2 - v3 BaseAttributeConstraint: type: object description: Base Attribute Constraint definition discriminator: propertyName: type mapping: regExp: "#/components/schemas/RegexpAttributeConstraint" range: "#/components/schemas/RangeAttributeConstraint" dateTime: "#/components/schemas/DateTimeAttributeConstraint" oneOf: - $ref: "#/components/schemas/RegexpAttributeConstraint" - $ref: "#/components/schemas/RangeAttributeConstraint" - $ref: "#/components/schemas/DateTimeAttributeConstraint" properties: type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type errorMessage: type: string description: Error message to be displayed for wrong data description: type: string description: Description of the constraint required: - type BaseAttributeContentDtoV2: type: object description: Base Attribute ContentV2 definition oneOf: - $ref: "#/components/schemas/BooleanAttributeContentV2" - $ref: "#/components/schemas/CodeBlockAttributeContentV2" - $ref: "#/components/schemas/CredentialAttributeContentV2" - $ref: "#/components/schemas/DateAttributeContentV2" - $ref: "#/components/schemas/DateTimeAttributeContentV2" - $ref: "#/components/schemas/FileAttributeContentV2" - $ref: "#/components/schemas/FloatAttributeContentV2" - $ref: "#/components/schemas/IntegerAttributeContentV2" - $ref: "#/components/schemas/ObjectAttributeContentV2" - $ref: "#/components/schemas/SecretAttributeContentV2" - $ref: "#/components/schemas/StringAttributeContentV2" - $ref: "#/components/schemas/TextAttributeContentV2" - $ref: "#/components/schemas/TimeAttributeContentV2" properties: reference: type: string description: ContentV2 Reference BaseAttributeContentDtoV3: description: Base Attribute Content discriminator: propertyName: contentType mapping: boolean: "#/components/schemas/BooleanAttributeContentV3" codeblock: "#/components/schemas/CodeBlockAttributeContentV3" date: "#/components/schemas/DateAttributeContentV3" datetime: "#/components/schemas/DateTimeAttributeContentV3" file: "#/components/schemas/FileAttributeContentV3" float: "#/components/schemas/FloatAttributeContentV3" integer: "#/components/schemas/IntegerAttributeContentV3" object: "#/components/schemas/ObjectAttributeContentV3" string: "#/components/schemas/StringAttributeContentV3" text: "#/components/schemas/TextAttributeContentV3" time: "#/components/schemas/TimeAttributeContentV3" resource: "#/components/schemas/ResourceObjectContent" oneOf: - $ref: "#/components/schemas/BooleanAttributeContentV3" - $ref: "#/components/schemas/CodeBlockAttributeContentV3" - $ref: "#/components/schemas/DateAttributeContentV3" - $ref: "#/components/schemas/DateTimeAttributeContentV3" - $ref: "#/components/schemas/FileAttributeContentV3" - $ref: "#/components/schemas/FloatAttributeContentV3" - $ref: "#/components/schemas/IntegerAttributeContentV3" - $ref: "#/components/schemas/ObjectAttributeContentV3" - $ref: "#/components/schemas/StringAttributeContentV3" - $ref: "#/components/schemas/TextAttributeContentV3" - $ref: "#/components/schemas/TimeAttributeContentV3" - $ref: "#/components/schemas/ResourceObjectContent" BasicAuthSecretContent: type: object description: Secret representing Basic Authentication credentials properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey username: type: string description: Username for Basic Authentication example: admin minLength: 1 password: type: string description: Password for Basic Authentication minLength: 1 required: - password - type - username title: BasicAuthSecretContent BooleanAttributeContentV2: type: object description: Boolean attribute content to store true/false values properties: reference: type: string description: ContentV2 Reference data: type: boolean description: Boolean attribute value required: - data BooleanAttributeContentV3: type: object description: Boolean attribute content to store true/false values properties: reference: type: string description: Content Reference data: type: boolean description: Boolean attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Boolean attribute value required: - contentType - data CertificateType: type: string enum: - X.509 - SSH CodeBlockAttributeContentData: type: object properties: language: $ref: "#/components/schemas/ProgrammingLanguageEnum" description: Definition of programming languages used for code examples: - "JAVA, PHP, C, etc" code: type: string description: Block of the code in Base64. Formatting of the code is specified by variable language required: - code - language CodeBlockAttributeContentV2: type: object description: Codeblock attribute content to store encoded snippets of programming language code properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/CodeBlockAttributeContentData" description: CodeBlock attribute content data required: - data CodeBlockAttributeContentV3: type: object description: Codeblock attribute content to store encoded snippets of programming language code properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/CodeBlockAttributeContentData" description: CodeBlock attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data CredentialAttributeContentData: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name kind: type: string description: Credential Kind examples: - "SoftKeyStore, Basic, ApiKey, etc" attributes: type: array description: List of Credential Attributes items: $ref: "#/components/schemas/DataAttributeV2" required: - attributes - kind - name - uuid CredentialAttributeContentV2: type: object description: Credential attribute content carrying information about credential to use properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/CredentialAttributeContentData" description: Credential attribute content data required: - data DataAttributeProperties: type: object properties: label: type: string description: Friendly name of the the Attribute examples: - Attribute Name visible: type: boolean default: true description: "Boolean determining if the Attribute is visible and can be\ \ displayed, otherwise it should be hidden to the user." group: type: string description: "Group of the Attribute, used for the logical grouping of the\ \ Attribute" examples: - requiredAttributes required: type: boolean default: false description: "Boolean determining if the Attribute is required. If true,\ \ the Attribute must be provided." readOnly: type: boolean default: false description: "Boolean determining if the Attribute is read only. If true,\ \ the Attribute content cannot be changed." list: type: boolean default: false description: Boolean determining if the Attribute contains list of values in the content multiSelect: type: boolean default: false description: Boolean determining if the Attribute can have multiple values protectionLevel: $ref: "#/components/schemas/ProtectionLevel" default: none description: Protection level of the attribute content resource: $ref: "#/components/schemas/AttributeResource" description: "Resource of the attribute, relevant if the attribute has Resource\ \ content type" extensibleList: type: boolean default: false description: Boolean determining if a list Attribute can have values other than predefined options required: - extensibleList - label - list - multiSelect - readOnly - required - visible DataAttributeV2: type: object description: Data attribute allows to store and transfer dynamic data. Its content can be edited and send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/DataAttributeProperties" description: Properties of the Attributes constraints: type: array description: Optional constraints used for validating the Attribute content items: $ref: "#/components/schemas/BaseAttributeConstraint" attributeCallback: $ref: "#/components/schemas/AttributeCallback" description: Optional definition of callback for getting the content of the Attribute based on the action required: - contentType - name - properties - type - uuid - version DateAttributeContentV2: type: object description: Date attribute content in predefined format properties: reference: type: string description: ContentV2 Reference data: type: string format: date description: Date attribute value in format yyyy-MM-dd required: - data DateAttributeContentV3: type: object description: Date attribute content in predefined format properties: reference: type: string description: Content Reference data: type: string format: date description: Date attribute value in format yyyy-MM-dd contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data DateTimeAttributeConstraint: type: object description: DateTime attribute constraint to specify boundaries for date value properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: $ref: "#/components/schemas/DateTimeAttributeConstraintData" description: DateTime Range Attribute Constraint Data required: - type DateTimeAttributeConstraintData: type: object properties: from: type: string format: date-time description: Start of the datetime for validation to: type: string format: date-time description: End of the datetime for validation DateTimeAttributeContentV2: type: object description: DateTime attribute content in predefined format with timezone properties: reference: type: string description: ContentV2 Reference data: type: string format: date-time description: DateTime attribute value in format yyyy-MM-ddTHH:mm:ss.SSSXXX required: - data DateTimeAttributeContentV3: type: object description: DateTime attribute content in predefined format with timezone properties: reference: type: string description: Content Reference data: type: string format: date-time description: DateTime attribute value in format yyyy-MM-ddTHH:mm:ss.SSSXXX contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data FileAttributeContentData: type: object properties: content: type: string description: File content fileName: type: string description: Name of the file mimeType: type: string description: Type of the file uploaded required: - content - fileName - mimeType FileAttributeContentV2: type: object description: File attribute content for storing encoded file content with additional info properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/FileAttributeContentData" description: File attribute content data required: - data FileAttributeContentV3: type: object description: File attribute content for storing encoded file content with additional info properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/FileAttributeContentData" description: File attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data FloatAttributeContentV2: type: object description: Float attribute content for decimal numbers properties: reference: type: string description: ContentV2 Reference data: type: number format: float description: Float attribute value required: - data FloatAttributeContentV3: type: object description: Float attribute content for decimal numbers properties: reference: type: string description: Content Reference data: type: number format: float description: Float attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data GenericSecretContent: type: object description: Secret representing generic content represented as string properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: "Generic secret content represented as string. In case secret\ \ content is binary data, it should be encoded as BASE64 string." minLength: 1 required: - content - type title: GenericSecretContent IntegerAttributeContentV2: type: object description: Integer attribute content for integer numbers properties: reference: type: string description: ContentV2 Reference data: type: integer format: int32 description: Integer attribute value required: - data IntegerAttributeContentV3: type: object description: Integer attribute content for integer numbers properties: reference: type: string description: Content Reference data: type: integer format: int32 description: Integer attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data JwtTokenSecretContent: type: object description: Secret representing JWT Token properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: "JWT Token content in compact (dot-separated) format specified\ \ in [RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-3)" example: eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk minLength: 1 required: - content - type title: JwtTokenSecretContent KeyStoreSecretContent: type: object description: Secret representing Key Store properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey keyStoreType: $ref: "#/components/schemas/KeyStoreType" description: Key Store type content: type: string description: BASE64 encoded content of key store minLength: 1 password: type: string description: Password for key store required: - content - keyStoreType - password - type title: KeyStoreSecretContent KeyStoreType: type: string enum: - JKS - PKCS12 KeyValueSecretContent: type: object description: Secret representing key-value pairs properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: object additionalProperties: {} description: "Key-Value pairs stored as the secret content, represented\ \ by JSON object" required: - content - type title: KeyValueSecretContent ObjectAttributeContentV2: type: object description: Object attribute content for data with custom structure properties: reference: type: string description: ContentV2 Reference data: description: Object attribute content data required: - data ObjectAttributeContentV3: type: object description: Object attribute content for data with custom structure properties: reference: type: string description: Content Reference data: description: Object attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data PrivateKeySecretContent: type: object description: Secret representing private key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: BASE64 encoded content of key in PEM format minLength: 1 required: - content - type title: PrivateKeySecretContent ProgrammingLanguageEnum: type: string enum: - apacheconf - bash - basic - c - csharp - cpp - css - docker - fsharp - gherkin - git - go - graphql - html - http - ini - java - javascript - json - kotlin - latex - lisp - makefile - markdown - matlab - nginx - objectivec - perl - php - powershell - properties - python - ruby - rust - smalltalk - sql - typescript - vbnet - xquery - xml - yaml ProtectionLevel: type: string enum: - none - encrypted RangeAttributeConstraint: type: object description: Range attribute constraint to specify boundaries for integer value properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: $ref: "#/components/schemas/RangeAttributeConstraintData" description: Integer Range Attribute Constraint Data required: - type RangeAttributeConstraintData: type: object properties: from: type: integer format: int32 description: Start of the range for validation to: type: integer format: int32 description: End of the range for validation RegexpAttributeConstraint: type: object description: RegExp attribute constraint to restrict string value by regular expression properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: type: string description: Regular Expression Attribute Constraint Data required: - type RequestAttribute: type: object description: Request attribute to send attribute content for object discriminator: propertyName: version mapping: v2: "#/components/schemas/RequestAttributeV2" v3: "#/components/schemas/RequestAttributeV3" oneOf: - $ref: "#/components/schemas/RequestAttributeV3" - $ref: "#/components/schemas/RequestAttributeV2" required: - contentType - name - uuid - version RequestAttributeV2: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - name - uuid - version RequestAttributeV3: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - name - uuid - version ResourceCertificateContentData: type: object description: Content data for resource object attribute containing certificate content properties: uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities certificateType: $ref: "#/components/schemas/CertificateType" description: Certificate type content: type: string description: Base64 encoded content of the certificate required: - name - resource - uuid title: ResourceCertificateContentData ResourceObjectContent: type: object description: Resource object attribute content carrying resource object data properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/ResourceObjectContentData" description: Resource Object content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data ResourceObjectContentData: type: object discriminator: propertyName: resource mapping: authorities: "#/components/schemas/ResourceSimpleContentData" entities: "#/components/schemas/ResourceSimpleContentData" locations: "#/components/schemas/ResourceSimpleContentData" credentials: "#/components/schemas/ResourceSimpleContentData" certificates: "#/components/schemas/ResourceCertificateContentData" secrets: "#/components/schemas/ResourceSecretContentData" oneOf: - $ref: "#/components/schemas/ResourceSimpleContentData" - $ref: "#/components/schemas/ResourceCertificateContentData" - $ref: "#/components/schemas/ResourceSecretContentData" required: - name - resource - uuid ResourceSecretContentData: type: object description: Content data for resource object attribute containing secret content properties: uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities content: $ref: "#/components/schemas/SecretContent" description: Secret content of the resource object required: - name - resource - uuid title: ResourceSecretContentData ResourceSimpleContentData: type: object description: Content data for resource object defined by its attributes properties: resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority attributes: type: array description: Attributes of the resource object items: $ref: "#/components/schemas/ResponseAttribute" required: - name - resource - uuid title: ResourceSimpleContentData ResponseAttribute: type: object description: Response attribute to send attribute content for object discriminator: propertyName: version mapping: v2: "#/components/schemas/ResponseAttributeV2" v3: "#/components/schemas/ResponseAttributeV3" oneOf: - $ref: "#/components/schemas/ResponseAttributeV2" - $ref: "#/components/schemas/ResponseAttributeV3" required: - contentType - label - name - type - uuid - version ResponseAttributeV2: type: object properties: content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - label - name - type - uuid - version ResponseAttributeV3: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - label - name - type - uuid - version SecretAttributeContentData: type: object properties: secret: type: string description: Secret attribute data protectionLevel: $ref: "#/components/schemas/ProtectionLevel" description: Level of protection of the data SecretAttributeContentV2: type: object description: Secret attribute content carrying secrets with defined protection level properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/SecretAttributeContentData" description: Secret attribute content data required: - data SecretContent: type: object description: Secret content dependent on secret type discriminator: propertyName: type mapping: basicAuth: "#/components/schemas/BasicAuthSecretContent" apiKey: "#/components/schemas/ApiKeySecretContent" jwtToken: "#/components/schemas/JwtTokenSecretContent" privateKey: "#/components/schemas/PrivateKeySecretContent" secretKey: "#/components/schemas/SecretKeySecretContent" keyStore: "#/components/schemas/KeyStoreSecretContent" keyValue: "#/components/schemas/KeyValueSecretContent" generic: "#/components/schemas/GenericSecretContent" oneOf: - $ref: "#/components/schemas/BasicAuthSecretContent" - $ref: "#/components/schemas/ApiKeySecretContent" - $ref: "#/components/schemas/JwtTokenSecretContent" - $ref: "#/components/schemas/PrivateKeySecretContent" - $ref: "#/components/schemas/SecretKeySecretContent" - $ref: "#/components/schemas/KeyStoreSecretContent" - $ref: "#/components/schemas/KeyValueSecretContent" - $ref: "#/components/schemas/GenericSecretContent" required: - type SecretKeySecretContent: type: object description: Secret representing secret key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: BASE64 encoded binary (raw) content of key minLength: 1 required: - content - type title: SecretKeySecretContent SecretType: type: string enum: - basicAuth - apiKey - jwtToken - privateKey - secretKey - keyStore - keyValue - generic StringAttributeContentV2: type: object description: String attribute content properties: reference: type: string description: ContentV2 Reference data: type: string description: String attribute value required: - data StringAttributeContentV3: type: object description: String attribute content properties: reference: type: string description: Content Reference data: type: string description: String attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data TextAttributeContentV2: type: object description: Text attribute content used to store longer formatted strings properties: reference: type: string description: ContentV2 Reference data: type: string description: Text attribute value required: - data TextAttributeContentV3: type: object description: Text attribute content used to store longer formatted strings properties: reference: type: string description: Content Reference data: type: string description: Text attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data TimeAttributeContentV2: type: object description: Time attribute content in predefined format properties: reference: type: string description: ContentV2 Reference data: type: string description: Time attribute value in format HH:mm:ss required: - data TimeAttributeContentV3: type: object description: Time attribute content in predefined format properties: reference: type: string description: Content Reference data: type: string description: Time attribute value in format HH:mm:ss contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data UpdateUserRequestDto: type: object properties: description: type: string description: Description of the user firstName: type: string description: First name of the user lastName: type: string description: Last name of the user email: type: string description: Email of the user groupUuids: type: array description: Groups UUIDs of the user (set to empty list to remove certificate from all groups) items: type: string certificateData: type: string description: Base64 Content of the admin certificate certificateUuid: type: string description: UUID of the existing certificate in the Inventory. Mandatory if certificate is not provided customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/RequestAttribute" required: - email ErrorMessageDto: type: object properties: message: type: string description: Error message detail examples: - Error message required: - message AuthenticationServiceExceptionDto: type: object properties: statusCode: type: integer format: int32 description: Status code of the HTTP Request code: type: string description: Code of the result message: type: string description: Exception message required: - code - message - statusCode NameAndUuidDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name required: - name - uuid RoleDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the user email: type: string description: Role contact email systemRole: type: boolean description: "Is system role. True = Yes, False = No" required: - name - systemRole - uuid UserCertificateDto: type: object properties: uuid: type: string description: UUID of the certificate fingerprint: type: string description: Fingerprint of the certificate required: - fingerprint - uuid UserDetailDto: type: object properties: uuid: type: string description: UUID of the User examples: - 5b5f0784-2519-11ed-861d-0242ac120002 username: type: string description: Username of the user examples: - user1 firstName: type: string description: First name of the user lastName: type: string description: Last name of the user email: type: string description: Email of the user description: type: string description: Description of the user groups: type: array description: Groups of the user items: $ref: "#/components/schemas/NameAndUuidDto" enabled: type: boolean description: "Status of the user. True = Enabled, False = Disabled" systemUser: type: boolean description: "Is System user. True = Yes, False = No" certificate: $ref: "#/components/schemas/UserCertificateDto" description: User Certificate details roles: type: array description: Roles for the user items: $ref: "#/components/schemas/RoleDto" customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/ResponseAttribute" required: - enabled - groups - roles - systemUser - username - uuid RoleRequestDto: type: object properties: name: type: string description: Name of the role description: type: string description: Description for the role email: type: string description: Role contact email customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/RequestAttribute" RoleDetailDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the user email: type: string description: Role contact email systemRole: type: boolean description: "Is system role. True = Yes, False = No" users: type: array description: List of Users with the role items: $ref: "#/components/schemas/UserDto" customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/ResponseAttribute" required: - name - systemRole - users - uuid UserDto: type: object properties: uuid: type: string description: UUID of the User examples: - 5b5f0784-2519-11ed-861d-0242ac120002 username: type: string description: Username of the user examples: - user1 firstName: type: string description: First name of the user lastName: type: string description: Last name of the user email: type: string description: Email of the user description: type: string description: Description of the user groups: type: array description: Groups of the user items: $ref: "#/components/schemas/NameAndUuidDto" enabled: type: boolean description: "Status of the user. True = Enabled, False = Disabled" systemUser: type: boolean description: "Is System user. True = Yes, False = No" required: - enabled - groups - systemUser - username - uuid ObjectPermissionsRequestDto: type: object properties: uuid: type: string description: UUID of the Object name: type: string description: Name of the Object allow: type: array description: Allowed Action list items: type: string deny: type: array description: Denied Action list items: type: string required: - name - uuid AddUserRequestDto: type: object properties: username: type: string description: Username of the user examples: - user1 description: type: string description: Description of the user firstName: type: string description: First name of the user lastName: type: string description: Last name of the user email: type: string description: Email of the user groupUuids: type: array description: Groups UUIDs of the user items: type: string enabled: type: boolean description: "Status of the user. True = Enabled, False = Disabled" certificateData: type: string description: Base64 Content of the user certificate certificateUuid: type: string description: UUID of the existing certificate in the Inventory customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/RequestAttribute" name: type: string required: - username UserIdentificationRequestDto: type: object properties: certificateContent: type: string description: Base64 Content of the certificate authenticationToken: type: string description: Authentication Token ResourcePermissionsRequestDto: type: object properties: name: type: string description: Name of the Resource allowAllActions: type: boolean description: "Allow all actions. True = Yes, False = No" actions: type: array description: List of actions permitted items: type: string objects: type: array description: Object permissions items: $ref: "#/components/schemas/ObjectPermissionsRequestDto" required: - allowAllActions - name RolePermissionsRequestDto: type: object properties: allowAllResources: type: boolean description: "Allow all resources, True = Yes, False = No" resources: type: array description: Resources items: $ref: "#/components/schemas/ResourcePermissionsRequestDto" required: - allowAllResources ObjectPermissionsDto: type: object properties: uuid: type: string description: UUID of the Object name: type: string description: Name of the Object allow: type: array description: Allowed Action list items: type: string deny: type: array description: Denied Action list items: type: string required: - allow - deny - name - uuid ResourcePermissionsDto: type: object properties: name: type: string description: Name of the Resource allowAllActions: type: boolean description: "Allow all actions. True = Yes, False = No" actions: type: array description: List of actions permitted items: type: string objects: type: array description: Object permissions items: $ref: "#/components/schemas/ObjectPermissionsDto" required: - actions - allowAllActions - name - objects SubjectPermissionsDto: type: object properties: allowAllResources: type: boolean description: "Allow all resources, True = Yes, False = No" resources: type: array description: Resources items: $ref: "#/components/schemas/ResourcePermissionsDto" required: - allowAllResources - resources LoginProviderDto: type: object description: Login provider information properties: name: type: string description: Provider name loginUrl: type: string description: Provider login URL required: - loginUrl - name AuthActionDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name displayName: type: string description: Resource label required: - displayName - name - uuid AuthResourceDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: $ref: "#/components/schemas/Resource" description: Resource Name examples: - Name displayName: type: string description: Resource label listObjectsEndpoint: type: string description: Listing Endpoint objectAccess: type: boolean description: "If resource has Object access permissions. True = Yes, False\ \ = No" actions: type: array description: List of Actions for the Resource items: $ref: "#/components/schemas/AuthActionDto" required: - actions - displayName - name - objectAccess - uuid Resource: type: string enum: - NONE - ANY - dashboard - settings - auditLogs - credentials - connectors - attributes - jobs - users - roles - acmeAccounts - acmeProfiles - cboms - scepProfiles - cmpProfiles - authorities - raProfiles - certificates - certificateRequests - groups - complianceProfiles - discoveries - oids - entities - locations - tokenProfiles - tokens - keys - approvalProfiles - approvals - notificationProfiles - notificationInstances - rules - actions - triggers - resources - resourceEvents - searchFilters - keyItems - platformEnums - notifications - conditions - executions - complianceRules - complianceGroups - customAttributes - globalMetadata - acmeOrders - acmeAuthorizations - acmeChallenges - cmpTransactions - endEntityProfiles - authenticationProviders - vaults - vaultProfiles - secrets UserProfileDetailDto: type: object properties: uuid: type: string description: UUID of the User examples: - 5b5f0784-2519-11ed-861d-0242ac120002 username: type: string description: Username of the user examples: - user1 firstName: type: string description: First name of the user lastName: type: string description: Last name of the user email: type: string description: Email of the user description: type: string description: Description of the user groups: type: array description: Groups of the user items: $ref: "#/components/schemas/NameAndUuidDto" enabled: type: boolean description: "Status of the user. True = Enabled, False = Disabled" systemUser: type: boolean description: "Is System user. True = Yes, False = No" certificate: $ref: "#/components/schemas/UserCertificateDto" description: User Certificate details roles: type: array description: Roles for the user items: $ref: "#/components/schemas/RoleDto" customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/ResponseAttribute" permissions: $ref: "#/components/schemas/UserProfilePermissionsDto" description: User permissions required: - enabled - groups - permissions - roles - systemUser - username - uuid UserProfilePermissionsDto: type: object properties: allowedListings: type: array description: Allowed resource listings items: $ref: "#/components/schemas/Resource" required: - allowedListings securitySchemes: SessionAuth: type: apiKey description: Session-based authentication with session ID stored in 'czertainly-session' cookie name: czertainly-session in: cookie CertificateAuth: type: apiKey description: Base64 encoded X.509 certificate passed in header name: ssl-client-cert in: header BearerJWTAuth: type: http scheme: Bearer bearerFormat: JWT