openapi: 3.1.0 info: title: Cryptographic Key API description: REST API for managing keys in the platform contact: name: ILM url: https://www.otilm.com email: info@otilm.com license: name: MIT License url: https://github.com/CZERTAINLY/CZERTAINLY/blob/develop/LICENSE.md version: 2.17.0 x-logo: url: images/ilm-logo.svg externalDocs: description: ILM Documentation url: https://docs.otilm.com servers: - url: https://demo.czertainly.online/api description: CZERTAINLY Demo server tags: - name: Cryptographic Key Management description: Cryptographic Key Management API paths: /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/usages: put: tags: - Cryptographic Key Management summary: Update Key Usage with Token Instance description: "If the request body provided, only those key items will be updated.\ \ If the request body is not provided or given empty, then the entire key\ \ will be updated" operationId: updateKeyUsagesWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateKeyUsageRequestDto" required: true responses: "204": description: Keys Usages Updates "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}: get: tags: - Cryptographic Key Management summary: Get Cryptographic Key Detail operationId: getKey parameters: - name: uuid in: path description: UUID of the Key required: true schema: type: string responses: "200": description: Cryptographic Key detail retrieved content: application/json: schema: $ref: "#/components/schemas/KeyDetailDto" "404": description: Cryptographic Key not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Cryptographic Key Management summary: Edit Key operationId: editKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/EditKeyRequestDto" required: true responses: "200": description: Key updated content: application/json: schema: $ref: "#/components/schemas/KeyDetailDto" "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "422": description: Unprocessable Entity content: application/json: schema: type: array items: type: string example: - Error Message 1 - Error Message 2 "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Cryptographic Key Management summary: Delete Cryptographic Key description: "If the request body provided, only those key items will be deleted.\ \ If the request body is not provided or given empty, then the entire key\ \ will be destroyed" operationId: deleteKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key deleted "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/usages: put: tags: - Cryptographic Key Management summary: Update Key Usage description: "If the request body provided, only those key items will be updated.\ \ If the request body is not provided or given empty, then the entire key\ \ will be updated" operationId: updateKeyUsages parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateKeyUsageRequestDto" required: true responses: "204": description: Keys Usages Updates "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/usages: put: tags: - Cryptographic Key Management summary: Update Key Usages for Multiple Keys description: Update the key usages for multiple keys and all the items inside it operationId: updateKeysUsages requestBody: content: application/json: schema: $ref: "#/components/schemas/BulkKeyUsageRequestDto" required: true responses: "204": description: Keys Usages Updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items/usages: put: tags: - Cryptographic Key Management summary: Update Key Usages for Multiple Key Items description: Update the key usages for multiple keys Items operationId: updateKeyItemUsages requestBody: content: application/json: schema: $ref: "#/components/schemas/BulkKeyItemUsageRequestDto" required: true responses: "204": description: Key Items Usages Updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/tokenProfiles/{tokenProfileUuid}/keys/{type}: post: tags: - Cryptographic Key Management summary: Create a new Cryptographic Key operationId: createKey parameters: - name: tokenInstanceUuid in: path description: UUID of the Token Instance required: true schema: type: string - name: tokenProfileUuid in: path description: UUID of the Token Profile required: true schema: type: string - name: type in: path description: Type of the key to be created required: true schema: $ref: "#/components/schemas/KeyRequestType" requestBody: content: application/json: schema: $ref: "#/components/schemas/KeyRequestDto" required: true responses: "201": description: Cryptographic Key Created Successfully content: application/json: schema: $ref: "#/components/schemas/KeyDetailDto" "404": description: Token profile not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "422": description: Unprocessable Entity content: application/json: schema: type: array items: type: string example: - Error Message 1 - Error Message 2 "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys: post: tags: - Cryptographic Key Management summary: List cryptographic keys operationId: listCryptographicKeys requestBody: content: application/json: schema: $ref: "#/components/schemas/SearchRequestDto" required: true responses: "200": description: List of all the cryptographic keys content: application/json: schema: $ref: "#/components/schemas/CryptographicKeyResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Cryptographic Key Management summary: Delete Multiple Cryptographic Key operationId: deleteKeys requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Keys deleted "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/sync: patch: tags: - Cryptographic Key Management summary: Sync Keys from connector operationId: syncKeys parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string responses: "204": description: Key sync completed "404": description: Token instance not found content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/enable: patch: tags: - Cryptographic Key Management summary: Enable Key with Token Instance description: "If the request body provided, only those key items will be enabled.\ \ If the request body is not provided or given empty, then the entire key\ \ will be enabled" operationId: enableKeyWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key enabled "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/disable: patch: tags: - Cryptographic Key Management summary: Disable Key with Token Instance description: "If the request body provided, only those key items will be disabled.\ \ If the request body is not provided or given empty, then the entire key\ \ will be disabled" operationId: disableKeyWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key disabled "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/destroy: patch: tags: - Cryptographic Key Management summary: Destroy Cryptographic Key with Token Instance description: "If the request body provided, only those key items will be destroyed.\ \ If the request body is not provided or given empty, then the entire key\ \ will be destroyed" operationId: destroyKeyWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Keys destroyed "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/compromise: patch: tags: - Cryptographic Key Management summary: Mark Key and its Items as Compromised with Token Instance description: "If the request body is provided with the UUID of the items of\ \ Key, then only those itemswill be compromised. Else all the sub items of\ \ the key will be compromised" operationId: compromiseKeyWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/CompromiseKeyRequestDto" required: true responses: "204": description: Key marked as compromised "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/items/{keyItemUuid}: get: tags: - Cryptographic Key Management summary: Get Cryptographic Key Detail operationId: getKeyItem parameters: - name: uuid in: path description: UUID of the Key required: true schema: type: string - name: keyItemUuid in: path description: UUID of the Key Item required: true schema: type: string responses: "200": description: Cryptographic Key item detail retrieved content: application/json: schema: $ref: "#/components/schemas/KeyItemDetailDto" "404": description: Cryptographic Key item not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] patch: tags: - Cryptographic Key Management summary: Edit Key Item operationId: editKeyItem parameters: - name: uuid in: path description: Key UUID required: true schema: type: string - name: keyItemUuid in: path description: Key Item UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/EditKeyItemDto" required: true responses: "200": description: Key Item updated content: '*/*': schema: $ref: "#/components/schemas/KeyItemDetailDto" "404": description: Key item or token instance not found content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "422": description: Unprocessable Entity content: '*/*': schema: type: array items: type: string example: - Error Message 1 - Error Message 2 "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/enable: patch: tags: - Cryptographic Key Management summary: Enable Key description: "If the request body provided, only those key items will be enabled.\ \ If the request body is not provided or given empty, then the entire key\ \ will be enabled" operationId: enableKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key enabled "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/disable: patch: tags: - Cryptographic Key Management summary: Disable Key description: "If the request body provided, only those key items will be disabled.\ \ If the request body is not provided or given empty, then the entire key\ \ will be disabled" operationId: disableKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key disabled "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/destroy: patch: tags: - Cryptographic Key Management summary: Destroy Cryptographic Key description: "If the request body provided, only those key items will be destroyed.\ \ If the request body is not provided or given empty, then the entire key\ \ will be destroyed" operationId: destroyKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Keys destroyed "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/compromise: patch: tags: - Cryptographic Key Management summary: Mark Key and its Items as Compromised description: "If the request body is provided with the UUID of the items of\ \ Key, then only those itemswill be compromised. Else all the sub items of\ \ the key will be compromised" operationId: compromiseKey parameters: - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/CompromiseKeyRequestDto" required: true responses: "204": description: Key marked as compromised "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items/enable: patch: tags: - Cryptographic Key Management summary: Enable multiple Key Items operationId: enableKeyItems requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Key Items enabled "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items/disable: patch: tags: - Cryptographic Key Management summary: Disable multiple Key Items operationId: disableKeyItems requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Key Items disabled "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items/destroy: patch: tags: - Cryptographic Key Management summary: Destroy Multiple Cryptographic Key items operationId: destroyKeyItems requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Keys Items destroyed "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items/compromise: patch: tags: - Cryptographic Key Management summary: Mark Multiple Key Items as Compromised description: This API can be used to mark multiple keys items to be marked as compromised. operationId: compromiseKeyItems requestBody: content: application/json: schema: $ref: "#/components/schemas/BulkCompromiseKeyItemRequestDto" required: true responses: "204": description: Key Items marked as compromised "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/enable: patch: tags: - Cryptographic Key Management summary: Enable multiple Keys operationId: enableKeys requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Keys enabled "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/disable: patch: tags: - Cryptographic Key Management summary: Disable multiple Keys operationId: disableKeys requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Keys disabled "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/destroy: patch: tags: - Cryptographic Key Management summary: Destroy Multiple Cryptographic Key and its items operationId: destroyKeys requestBody: description: Key UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Keys destroyed "404": description: Key not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/compromise: patch: tags: - Cryptographic Key Management summary: Mark Multiple Key and all its Items as Compromised description: This API can be used to mark multiple keys and its sub items to be marked as compromised.Specific part of the key cannot be mentioned in this API operationId: compromiseKeys requestBody: content: application/json: schema: $ref: "#/components/schemas/BulkCompromiseKeyRequestDto" required: true responses: "204": description: Key marked as compromised "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/tokenProfiles/{tokenProfileUuid}/keys/{type}/attributes: get: tags: - Cryptographic Key Management summary: List of Attributes to create a Key operationId: listCreateKeyAttributes parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: tokenProfileUuid in: path description: Token Profile UUID required: true schema: type: string - name: type in: path description: Type of the key to be created required: true schema: $ref: "#/components/schemas/KeyRequestType" responses: "200": description: List of Attributes retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/BaseAttributeDto" "404": description: Token profile not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}: get: tags: - Cryptographic Key Management summary: Get Cryptographic Key Detail with Token Instance operationId: getKeyWithToken parameters: - name: tokenInstanceUuid in: path description: UUID of the Token Instance required: true schema: type: string - name: uuid in: path description: UUID of the Key required: true schema: type: string responses: "200": description: Cryptographic Key detail retrieved content: application/json: schema: $ref: "#/components/schemas/KeyDetailDto" "404": description: Cryptographic Key not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Cryptographic Key Management summary: Delete Cryptographic Key with Token Instance description: "If the request body provided, only those key items will be deleted.\ \ If the request body is not provided or given empty, then the entire key\ \ will be destroyed" operationId: deleteKeyWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string requestBody: description: Key Item UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 responses: "204": description: Key deleted "404": description: Key or token instance not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/items/{keyItemUuid}: get: tags: - Cryptographic Key Management summary: Get Cryptographic Key Detail with Token Instance operationId: getKeyItemWithToken parameters: - name: tokenInstanceUuid in: path description: UUID of the Token Instance required: true schema: type: string - name: uuid in: path description: UUID of the Key required: true schema: type: string - name: keyItemUuid in: path description: UUID of the Key Item required: true schema: type: string responses: "200": description: Cryptographic Key detail retrieved content: application/json: schema: $ref: "#/components/schemas/KeyItemDetailDto" "404": description: Cryptographic Key item not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/tokens/{tokenInstanceUuid}/keys/{uuid}/items/{keyItemUuid}/history: get: tags: - Cryptographic Key Management summary: Get Key Item event history with Token Instance operationId: getEventHistoryWithToken parameters: - name: tokenInstanceUuid in: path description: Token Instance UUID required: true schema: type: string - name: uuid in: path description: Key UUID required: true schema: type: string - name: keyItemUuid in: path description: Key Item UUID required: true schema: type: string responses: "200": description: Certificate event history retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/KeyEventHistoryDto" "404": description: Key item not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error deprecated: true security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/{uuid}/items/{keyItemUuid}/history: get: tags: - Cryptographic Key Management summary: Get Key Item event history operationId: getEventHistory parameters: - name: uuid in: path description: Key UUID required: true schema: type: string - name: keyItemUuid in: path description: Key Item UUID required: true schema: type: string responses: "200": description: Certificate event history retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/KeyEventHistoryDto" "404": description: Key item not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/search: get: tags: - Cryptographic Key Management summary: Get CryptographicKey searchable fields information operationId: getCryptographicKeySearchableFields responses: "200": description: CryptographicKey searchable field information retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFieldDataByGroupDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/pairs: get: tags: - Cryptographic Key Management summary: List Cryptographic Keys with full Key Pairs description: This API contains the logic to get the keys that contains the full key pair (private and public Key) operationId: listKeyPairs parameters: - name: tokenProfileUuid in: query required: false schema: type: string responses: "200": description: Cryptographic Keys retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/KeyDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/keys/items: delete: tags: - Cryptographic Key Management summary: Delete Multiple Cryptographic Key Items operationId: deleteKeyItems requestBody: description: Key Items UUIDs content: application/json: schema: type: array items: type: string example: - c2f685d4-6a3e-11ec-90d6-0242ac120003 - b9b09548-a97c-4c6a-a06a-e4ee6fc2da98 required: true responses: "204": description: Key Items deleted "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] components: schemas: KeyUsage: type: string enum: - sign - verify - encrypt - decrypt - wrap - unwrap UpdateKeyUsageRequestDto: type: object properties: usage: type: array description: Usages for the Key items: $ref: "#/components/schemas/KeyUsage" uuids: type: array description: "List of UUIDs of the key Items. If not provided, the usage\ \ will be updated to all the itemsin the key" items: type: string format: uuid required: - usage ErrorMessageDto: type: object properties: message: type: string description: Error message detail examples: - Error message required: - message AuthenticationServiceExceptionDto: type: object properties: statusCode: type: integer format: int32 description: Status code of the HTTP Request code: type: string description: Code of the result message: type: string description: Exception message required: - code - message - statusCode ApiKeySecretContent: type: object description: Secret representing an API Key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: API Key content string minLength: 1 required: - content - type title: ApiKeySecretContent AttributeCallback: type: object properties: callbackContext: type: string description: Context part of callback URL callbackMethod: type: string description: HTTP method of the callback. This value is required for connector callbacks and optional only for callbacks defined on resource objects. mappings: type: array description: Mappings for the callback method items: $ref: "#/components/schemas/AttributeCallbackMapping" uniqueItems: true required: - mappings AttributeCallbackMapping: type: object properties: from: type: string description: Name of the attribute whose value is to be used as value of path variable or request param or body field.It is optional and must be set only if value is not set. attributeType: $ref: "#/components/schemas/AttributeType" description: Type of the attribute. It is optional and must be set only if special behaviour is needed. attributeContentType: $ref: "#/components/schemas/AttributeContentType" description: 'Type of the attribute content. ' to: type: string description: Name of the path variable or request param or body field which is to be used to assign value of attribute targets: type: array description: Set of targets for propagating value. items: $ref: "#/components/schemas/AttributeValueTarget" uniqueItems: true value: description: Static value to be propagated to targets. It is optional and is set only if the value is known at attribute creation time. required: - targets - to AttributeConstraintType: type: string enum: - regExp - range - dateTime AttributeContentType: type: string enum: - string - text - integer - boolean - float - date - time - datetime - secret - file - credential - codeblock - object - resource AttributeResource: type: string enum: - certificates - credentials - authorities - entities - locations - secrets AttributeType: type: string enum: - data - group - info - meta - custom AttributeValueTarget: type: string enum: - pathVariable - requestParameter - body - filter AttributeVersion: type: string enum: - v2 - v3 BaseAttributeConstraint: type: object description: Base Attribute Constraint definition discriminator: propertyName: type mapping: regExp: "#/components/schemas/RegexpAttributeConstraint" range: "#/components/schemas/RangeAttributeConstraint" dateTime: "#/components/schemas/DateTimeAttributeConstraint" oneOf: - $ref: "#/components/schemas/RegexpAttributeConstraint" - $ref: "#/components/schemas/RangeAttributeConstraint" - $ref: "#/components/schemas/DateTimeAttributeConstraint" properties: type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type errorMessage: type: string description: Error message to be displayed for wrong data description: type: string description: Description of the constraint required: - type BaseAttributeContentDtoV2: type: object description: Base Attribute ContentV2 definition oneOf: - $ref: "#/components/schemas/BooleanAttributeContentV2" - $ref: "#/components/schemas/CodeBlockAttributeContentV2" - $ref: "#/components/schemas/CredentialAttributeContentV2" - $ref: "#/components/schemas/DateAttributeContentV2" - $ref: "#/components/schemas/DateTimeAttributeContentV2" - $ref: "#/components/schemas/FileAttributeContentV2" - $ref: "#/components/schemas/FloatAttributeContentV2" - $ref: "#/components/schemas/IntegerAttributeContentV2" - $ref: "#/components/schemas/ObjectAttributeContentV2" - $ref: "#/components/schemas/SecretAttributeContentV2" - $ref: "#/components/schemas/StringAttributeContentV2" - $ref: "#/components/schemas/TextAttributeContentV2" - $ref: "#/components/schemas/TimeAttributeContentV2" properties: reference: type: string description: ContentV2 Reference BaseAttributeContentDtoV3: description: Base Attribute Content discriminator: propertyName: contentType mapping: boolean: "#/components/schemas/BooleanAttributeContentV3" codeblock: "#/components/schemas/CodeBlockAttributeContentV3" date: "#/components/schemas/DateAttributeContentV3" datetime: "#/components/schemas/DateTimeAttributeContentV3" file: "#/components/schemas/FileAttributeContentV3" float: "#/components/schemas/FloatAttributeContentV3" integer: "#/components/schemas/IntegerAttributeContentV3" object: "#/components/schemas/ObjectAttributeContentV3" string: "#/components/schemas/StringAttributeContentV3" text: "#/components/schemas/TextAttributeContentV3" time: "#/components/schemas/TimeAttributeContentV3" resource: "#/components/schemas/ResourceObjectContent" oneOf: - $ref: "#/components/schemas/BooleanAttributeContentV3" - $ref: "#/components/schemas/CodeBlockAttributeContentV3" - $ref: "#/components/schemas/DateAttributeContentV3" - $ref: "#/components/schemas/DateTimeAttributeContentV3" - $ref: "#/components/schemas/FileAttributeContentV3" - $ref: "#/components/schemas/FloatAttributeContentV3" - $ref: "#/components/schemas/IntegerAttributeContentV3" - $ref: "#/components/schemas/ObjectAttributeContentV3" - $ref: "#/components/schemas/StringAttributeContentV3" - $ref: "#/components/schemas/TextAttributeContentV3" - $ref: "#/components/schemas/TimeAttributeContentV3" - $ref: "#/components/schemas/ResourceObjectContent" BasicAuthSecretContent: type: object description: Secret representing Basic Authentication credentials properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey username: type: string description: Username for Basic Authentication example: admin minLength: 1 password: type: string description: Password for Basic Authentication minLength: 1 required: - password - type - username title: BasicAuthSecretContent BooleanAttributeContentV2: type: object description: Boolean attribute content to store true/false values properties: reference: type: string description: ContentV2 Reference data: type: boolean description: Boolean attribute value required: - data BooleanAttributeContentV3: type: object description: Boolean attribute content to store true/false values properties: reference: type: string description: Content Reference data: type: boolean description: Boolean attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Boolean attribute value required: - contentType - data CertificateType: type: string enum: - X.509 - SSH CodeBlockAttributeContentData: type: object properties: language: $ref: "#/components/schemas/ProgrammingLanguageEnum" description: Definition of programming languages used for code examples: - "JAVA, PHP, C, etc" code: type: string description: Block of the code in Base64. Formatting of the code is specified by variable language required: - code - language CodeBlockAttributeContentV2: type: object description: Codeblock attribute content to store encoded snippets of programming language code properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/CodeBlockAttributeContentData" description: CodeBlock attribute content data required: - data CodeBlockAttributeContentV3: type: object description: Codeblock attribute content to store encoded snippets of programming language code properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/CodeBlockAttributeContentData" description: CodeBlock attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data CredentialAttributeContentData: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name kind: type: string description: Credential Kind examples: - "SoftKeyStore, Basic, ApiKey, etc" attributes: type: array description: List of Credential Attributes items: $ref: "#/components/schemas/DataAttributeV2" required: - attributes - kind - name - uuid CredentialAttributeContentV2: type: object description: Credential attribute content carrying information about credential to use properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/CredentialAttributeContentData" description: Credential attribute content data required: - data DataAttributeProperties: type: object properties: label: type: string description: Friendly name of the the Attribute examples: - Attribute Name visible: type: boolean default: true description: "Boolean determining if the Attribute is visible and can be\ \ displayed, otherwise it should be hidden to the user." group: type: string description: "Group of the Attribute, used for the logical grouping of the\ \ Attribute" examples: - requiredAttributes required: type: boolean default: false description: "Boolean determining if the Attribute is required. If true,\ \ the Attribute must be provided." readOnly: type: boolean default: false description: "Boolean determining if the Attribute is read only. If true,\ \ the Attribute content cannot be changed." list: type: boolean default: false description: Boolean determining if the Attribute contains list of values in the content multiSelect: type: boolean default: false description: Boolean determining if the Attribute can have multiple values protectionLevel: $ref: "#/components/schemas/ProtectionLevel" default: none description: Protection level of the attribute content resource: $ref: "#/components/schemas/AttributeResource" description: "Resource of the attribute, relevant if the attribute has Resource\ \ content type" extensibleList: type: boolean default: false description: Boolean determining if a list Attribute can have values other than predefined options required: - extensibleList - label - list - multiSelect - readOnly - required - visible DataAttributeV2: type: object description: Data attribute allows to store and transfer dynamic data. Its content can be edited and send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/DataAttributeProperties" description: Properties of the Attributes constraints: type: array description: Optional constraints used for validating the Attribute content items: $ref: "#/components/schemas/BaseAttributeConstraint" attributeCallback: $ref: "#/components/schemas/AttributeCallback" description: Optional definition of callback for getting the content of the Attribute based on the action required: - contentType - name - properties - type - uuid - version DateAttributeContentV2: type: object description: Date attribute content in predefined format properties: reference: type: string description: ContentV2 Reference data: type: string format: date description: Date attribute value in format yyyy-MM-dd required: - data DateAttributeContentV3: type: object description: Date attribute content in predefined format properties: reference: type: string description: Content Reference data: type: string format: date description: Date attribute value in format yyyy-MM-dd contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data DateTimeAttributeConstraint: type: object description: DateTime attribute constraint to specify boundaries for date value properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: $ref: "#/components/schemas/DateTimeAttributeConstraintData" description: DateTime Range Attribute Constraint Data required: - type DateTimeAttributeConstraintData: type: object properties: from: type: string format: date-time description: Start of the datetime for validation to: type: string format: date-time description: End of the datetime for validation DateTimeAttributeContentV2: type: object description: DateTime attribute content in predefined format with timezone properties: reference: type: string description: ContentV2 Reference data: type: string format: date-time description: DateTime attribute value in format yyyy-MM-ddTHH:mm:ss.SSSXXX required: - data DateTimeAttributeContentV3: type: object description: DateTime attribute content in predefined format with timezone properties: reference: type: string description: Content Reference data: type: string format: date-time description: DateTime attribute value in format yyyy-MM-ddTHH:mm:ss.SSSXXX contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data EditKeyRequestDto: type: object properties: tokenProfileUuid: type: string description: UUID of the token profile name: type: string description: Name of the Cryptographic Key description: type: string description: Description of the Cryptographic Key ownerUuid: type: string description: Key Owner UUID groupUuids: type: array description: UUIDs of the groups to associate with key items: type: string customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/RequestAttribute" required: - description - name FileAttributeContentData: type: object properties: content: type: string description: File content fileName: type: string description: Name of the file mimeType: type: string description: Type of the file uploaded required: - content - fileName - mimeType FileAttributeContentV2: type: object description: File attribute content for storing encoded file content with additional info properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/FileAttributeContentData" description: File attribute content data required: - data FileAttributeContentV3: type: object description: File attribute content for storing encoded file content with additional info properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/FileAttributeContentData" description: File attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data FloatAttributeContentV2: type: object description: Float attribute content for decimal numbers properties: reference: type: string description: ContentV2 Reference data: type: number format: float description: Float attribute value required: - data FloatAttributeContentV3: type: object description: Float attribute content for decimal numbers properties: reference: type: string description: Content Reference data: type: number format: float description: Float attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data GenericSecretContent: type: object description: Secret representing generic content represented as string properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: "Generic secret content represented as string. In case secret\ \ content is binary data, it should be encoded as BASE64 string." minLength: 1 required: - content - type title: GenericSecretContent IntegerAttributeContentV2: type: object description: Integer attribute content for integer numbers properties: reference: type: string description: ContentV2 Reference data: type: integer format: int32 description: Integer attribute value required: - data IntegerAttributeContentV3: type: object description: Integer attribute content for integer numbers properties: reference: type: string description: Content Reference data: type: integer format: int32 description: Integer attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data JwtTokenSecretContent: type: object description: Secret representing JWT Token properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: "JWT Token content in compact (dot-separated) format specified\ \ in [RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519#section-3)" example: eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk minLength: 1 required: - content - type title: JwtTokenSecretContent KeyStoreSecretContent: type: object description: Secret representing Key Store properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey keyStoreType: $ref: "#/components/schemas/KeyStoreType" description: Key Store type content: type: string description: BASE64 encoded content of key store minLength: 1 password: type: string description: Password for key store required: - content - keyStoreType - password - type title: KeyStoreSecretContent KeyStoreType: type: string enum: - JKS - PKCS12 KeyValueSecretContent: type: object description: Secret representing key-value pairs properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: object additionalProperties: {} description: "Key-Value pairs stored as the secret content, represented\ \ by JSON object" required: - content - type title: KeyValueSecretContent ObjectAttributeContentV2: type: object description: Object attribute content for data with custom structure properties: reference: type: string description: ContentV2 Reference data: description: Object attribute content data required: - data ObjectAttributeContentV3: type: object description: Object attribute content for data with custom structure properties: reference: type: string description: Content Reference data: description: Object attribute content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data PrivateKeySecretContent: type: object description: Secret representing private key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: BASE64 encoded content of key in PEM format minLength: 1 required: - content - type title: PrivateKeySecretContent ProgrammingLanguageEnum: type: string enum: - apacheconf - bash - basic - c - csharp - cpp - css - docker - fsharp - gherkin - git - go - graphql - html - http - ini - java - javascript - json - kotlin - latex - lisp - makefile - markdown - matlab - nginx - objectivec - perl - php - powershell - properties - python - ruby - rust - smalltalk - sql - typescript - vbnet - xquery - xml - yaml ProtectionLevel: type: string enum: - none - encrypted RangeAttributeConstraint: type: object description: Range attribute constraint to specify boundaries for integer value properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: $ref: "#/components/schemas/RangeAttributeConstraintData" description: Integer Range Attribute Constraint Data required: - type RangeAttributeConstraintData: type: object properties: from: type: integer format: int32 description: Start of the range for validation to: type: integer format: int32 description: End of the range for validation RegexpAttributeConstraint: type: object description: RegExp attribute constraint to restrict string value by regular expression properties: description: type: string description: Description of the constraint errorMessage: type: string description: Error message to be displayed for wrong data type: $ref: "#/components/schemas/AttributeConstraintType" description: Attribute Constraint Type data: type: string description: Regular Expression Attribute Constraint Data required: - type RequestAttribute: type: object description: Request attribute to send attribute content for object discriminator: propertyName: version mapping: v2: "#/components/schemas/RequestAttributeV2" v3: "#/components/schemas/RequestAttributeV3" oneOf: - $ref: "#/components/schemas/RequestAttributeV3" - $ref: "#/components/schemas/RequestAttributeV2" required: - contentType - name - uuid - version RequestAttributeV2: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - name - uuid - version RequestAttributeV3: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - name - uuid - version ResourceCertificateContentData: type: object description: Content data for resource object attribute containing certificate content properties: uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities certificateType: $ref: "#/components/schemas/CertificateType" description: Certificate type content: type: string description: Base64 encoded content of the certificate required: - name - resource - uuid title: ResourceCertificateContentData ResourceObjectContent: type: object description: Resource object attribute content carrying resource object data properties: reference: type: string description: Content Reference data: $ref: "#/components/schemas/ResourceObjectContentData" description: Resource Object content data contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data ResourceObjectContentData: type: object discriminator: propertyName: resource mapping: authorities: "#/components/schemas/ResourceSimpleContentData" entities: "#/components/schemas/ResourceSimpleContentData" locations: "#/components/schemas/ResourceSimpleContentData" credentials: "#/components/schemas/ResourceSimpleContentData" certificates: "#/components/schemas/ResourceCertificateContentData" secrets: "#/components/schemas/ResourceSecretContentData" oneOf: - $ref: "#/components/schemas/ResourceSimpleContentData" - $ref: "#/components/schemas/ResourceCertificateContentData" - $ref: "#/components/schemas/ResourceSecretContentData" required: - name - resource - uuid ResourceSecretContentData: type: object description: Content data for resource object attribute containing secret content properties: uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities content: $ref: "#/components/schemas/SecretContent" description: Secret content of the resource object required: - name - resource - uuid title: ResourceSecretContentData ResourceSimpleContentData: type: object description: Content data for resource object defined by its attributes properties: resource: $ref: "#/components/schemas/AttributeResource" description: Resource contained in data example: authorities uuid: type: string description: Resource identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Resource name examples: - Main authority attributes: type: array description: Attributes of the resource object items: $ref: "#/components/schemas/ResponseAttribute" required: - name - resource - uuid title: ResourceSimpleContentData ResponseAttribute: type: object description: Response attribute to send attribute content for object discriminator: propertyName: version mapping: v2: "#/components/schemas/ResponseAttributeV2" v3: "#/components/schemas/ResponseAttributeV3" oneOf: - $ref: "#/components/schemas/ResponseAttributeV2" - $ref: "#/components/schemas/ResponseAttributeV3" required: - contentType - label - name - type - uuid - version ResponseAttributeV2: type: object properties: content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - label - name - type - uuid - version ResponseAttributeV3: type: object properties: uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute required: - contentType - label - name - type - uuid - version SecretAttributeContentData: type: object properties: secret: type: string description: Secret attribute data protectionLevel: $ref: "#/components/schemas/ProtectionLevel" description: Level of protection of the data SecretAttributeContentV2: type: object description: Secret attribute content carrying secrets with defined protection level properties: reference: type: string description: ContentV2 Reference data: $ref: "#/components/schemas/SecretAttributeContentData" description: Secret attribute content data required: - data SecretContent: type: object description: Secret content dependent on secret type discriminator: propertyName: type mapping: basicAuth: "#/components/schemas/BasicAuthSecretContent" apiKey: "#/components/schemas/ApiKeySecretContent" jwtToken: "#/components/schemas/JwtTokenSecretContent" privateKey: "#/components/schemas/PrivateKeySecretContent" secretKey: "#/components/schemas/SecretKeySecretContent" keyStore: "#/components/schemas/KeyStoreSecretContent" keyValue: "#/components/schemas/KeyValueSecretContent" generic: "#/components/schemas/GenericSecretContent" oneOf: - $ref: "#/components/schemas/BasicAuthSecretContent" - $ref: "#/components/schemas/ApiKeySecretContent" - $ref: "#/components/schemas/JwtTokenSecretContent" - $ref: "#/components/schemas/PrivateKeySecretContent" - $ref: "#/components/schemas/SecretKeySecretContent" - $ref: "#/components/schemas/KeyStoreSecretContent" - $ref: "#/components/schemas/KeyValueSecretContent" - $ref: "#/components/schemas/GenericSecretContent" required: - type SecretKeySecretContent: type: object description: Secret representing secret key properties: type: $ref: "#/components/schemas/SecretType" description: Secret type examples: - apiKey content: type: string description: BASE64 encoded binary (raw) content of key minLength: 1 required: - content - type title: SecretKeySecretContent SecretType: type: string enum: - basicAuth - apiKey - jwtToken - privateKey - secretKey - keyStore - keyValue - generic StringAttributeContentV2: type: object description: String attribute content properties: reference: type: string description: ContentV2 Reference data: type: string description: String attribute value required: - data StringAttributeContentV3: type: object description: String attribute content properties: reference: type: string description: Content Reference data: type: string description: String attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data TextAttributeContentV2: type: object description: Text attribute content used to store longer formatted strings properties: reference: type: string description: ContentV2 Reference data: type: string description: Text attribute value required: - data TextAttributeContentV3: type: object description: Text attribute content used to store longer formatted strings properties: reference: type: string description: Content Reference data: type: string description: Text attribute value contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data TimeAttributeContentV2: type: object description: Time attribute content in predefined format properties: reference: type: string description: ContentV2 Reference data: type: string description: Time attribute value in format HH:mm:ss required: - data TimeAttributeContentV3: type: object description: Time attribute content in predefined format properties: reference: type: string description: Content Reference data: type: string description: Time attribute value in format HH:mm:ss contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the attribute required: - contentType - data ComplianceStatus: type: string enum: - not_checked - ok - nok - na - failed GroupDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the Group email: type: string description: Group contact email customAttributes: type: array description: List of Custom Attributes items: $ref: "#/components/schemas/ResponseAttribute" required: - name - uuid KeyAlgorithm: type: string enum: - RSA - ECDSA - FALCON - ML-DSA - SLH-DSA - ML-KEM - CRYSTALS-Dilithium - SPHINCS+ - Unknown KeyAssociationDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name resource: $ref: "#/components/schemas/Resource" description: Type of the resource required: - name - resource - uuid KeyCompromiseReason: type: string enum: - disclosure - modification - substitution - use_of_sensitive_data KeyDetailDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the Key creationTime: type: string format: date-time description: "Creation time of the Key. If the key is discovered from the\ \ connector, then it will be returned" tokenProfileUuid: type: string description: UUID of the Token Profile tokenProfileName: type: string description: Name of the Token Profile tokenInstanceUuid: type: string description: Token Instance UUID tokenInstanceName: type: string description: Token Instance Name customAttributes: type: array description: Custom Attributes for the Cryptographic Key items: $ref: "#/components/schemas/ResponseAttribute" attributes: type: array description: Attributes for the Cryptographic Key items: $ref: "#/components/schemas/ResponseAttribute" owner: type: string description: Owner of the Key ownerUuid: type: string description: UUID of the owner of the Key groups: type: array description: Groups associated to the key items: $ref: "#/components/schemas/GroupDto" items: type: array description: Key Objects items: $ref: "#/components/schemas/KeyItemDetailDto" associations: type: array description: List of associated items items: $ref: "#/components/schemas/KeyAssociationDto" complianceStatus: $ref: "#/components/schemas/ComplianceStatus" description: Key compliance status required: - attributes - complianceStatus - creationTime - items - name - uuid KeyFormat: type: string enum: - Raw - SubjectPublicKeyInfo - PrivateKeyInfo - EncryptedPrivateKeyInfo - Custom KeyItemDetailDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name keyReferenceUuid: type: string description: UUID of the key item in the Connector type: $ref: "#/components/schemas/KeyType" description: Type of the Key keyAlgorithm: $ref: "#/components/schemas/KeyAlgorithm" description: Key Algorithm format: $ref: "#/components/schemas/KeyFormat" description: Key Format keyData: type: string description: Key Data length: type: integer format: int32 description: Key Length metadata: type: array description: Metadata for the key items: $ref: "#/components/schemas/MetadataResponseDto" usage: type: array description: Key Usages items: $ref: "#/components/schemas/KeyUsage" enabled: type: boolean description: Boolean describing if the key is enabled or not state: $ref: "#/components/schemas/KeyState" description: Key State reason: $ref: "#/components/schemas/KeyCompromiseReason" description: Reason for Compromise complianceStatus: $ref: "#/components/schemas/ComplianceStatus" description: Key compliance status required: - complianceStatus - enabled - format - keyAlgorithm - length - name - state - type - uuid KeyState: type: string enum: - pre-active - active - deactivated - compromised - destroyed - destroyedCompromised KeyType: type: string enum: - Secret - Public - Private - Split MetadataResponseDto: type: object description: Metadata response attributes with their source connector properties: connectorUuid: type: string description: UUID of the Connector connectorName: type: string description: Name of the Connector sourceObjectType: $ref: "#/components/schemas/Resource" description: Source Object Type items: type: array description: List of Metadata items: $ref: "#/components/schemas/ResponseMetadataDto" required: - items NameAndUuidDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name required: - name - uuid Resource: type: string enum: - NONE - ANY - dashboard - settings - auditLogs - credentials - connectors - attributes - jobs - users - roles - acmeAccounts - acmeProfiles - cboms - scepProfiles - cmpProfiles - authorities - raProfiles - certificates - certificateRequests - groups - complianceProfiles - discoveries - oids - entities - locations - tokenProfiles - tokens - keys - approvalProfiles - approvals - notificationProfiles - notificationInstances - rules - actions - triggers - resources - resourceEvents - searchFilters - keyItems - platformEnums - notifications - conditions - executions - complianceRules - complianceGroups - customAttributes - globalMetadata - acmeOrders - acmeAuthorizations - acmeChallenges - cmpTransactions - endEntityProfiles - authenticationProviders - vaults - vaultProfiles - secrets ResponseMetadataDto: type: object description: Request attribute to send attribute content for object discriminator: propertyName: version mapping: v2: "#/components/schemas/ResponseMetadataV2" v3: "#/components/schemas/ResponseMetadataV3" oneOf: - $ref: "#/components/schemas/ResponseMetadataV3" - $ref: "#/components/schemas/ResponseMetadataV2" required: - contentType - label - name - sourceObjects - type - version ResponseMetadataV2: type: object description: Response metadata attribute instance with content properties: sourceObjects: type: array description: Source Objects items: $ref: "#/components/schemas/NameAndUuidDto" uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute examples: - Attribute required: - contentType - label - name - sourceObjects - type - version ResponseMetadataV3: type: object description: Response metadata attribute instance with content properties: sourceObjects: type: array description: Source Objects items: $ref: "#/components/schemas/NameAndUuidDto" uuid: type: string format: uuid description: UUID of the Attribute example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute examples: - Attribute label: type: string description: Label of the the Attribute examples: - Attribute Name type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Content Type of the Attribute examples: - Attribute content: type: array items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" version: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute examples: - Attribute required: - contentType - label - name - sourceObjects - type - version BulkKeyUsageRequestDto: type: object properties: usage: type: array description: Usages for the Key items: $ref: "#/components/schemas/KeyUsage" uuids: type: array description: Key UUIDs items: type: string format: uuid required: - usage - uuids BulkKeyItemUsageRequestDto: type: object properties: usage: type: array description: Usages for the Key items: $ref: "#/components/schemas/KeyUsage" uuids: type: array description: Key Item UUIDs items: type: string format: uuid required: - usage - uuids KeyRequestType: type: string enum: - secret - keyPair KeyRequestDto: type: object properties: name: type: string description: Name of the Cryptographic Key description: type: string description: Description of the Cryptographic Key groupUuids: type: array description: UUIDs of the groups to associate with key items: type: string attributes: type: array description: List of Attributes to create a Key items: $ref: "#/components/schemas/RequestAttribute" customAttributes: type: array description: Custom Attributes for the key items: $ref: "#/components/schemas/RequestAttribute" enabled: type: boolean default: false description: "Enabled status of created key. True = Enabled, False = Disabled" required: - attributes - description - name FilterConditionOperator: type: string enum: - EQUALS - NOT_EQUALS - GREATER - GREATER_OR_EQUAL - LESSER - LESSER_OR_EQUAL - CONTAINS - NOT_CONTAINS - STARTS_WITH - ENDS_WITH - EMPTY - NOT_EMPTY - IN_NEXT - IN_PAST - MATCHES - NOT_MATCHES - COUNT_EQUAL - COUNT_NOT_EQUAL - COUNT_GREATER_THAN - COUNT_LESS_THAN FilterFieldSource: type: string enum: - meta - custom - data - property SearchFilterRequestDto: type: object properties: fieldSource: $ref: "#/components/schemas/FilterFieldSource" description: Field group of search filter fieldIdentifier: type: string description: "Field identifier of search filter. List of available fields\ \ with their identifiers can be retrieved from corresponding endpoint\ \ `GET /v1/{resource}/search`, e.g.: [**GET /v1/certificates/search**](../core-certificate/#tag/Certificate-Inventory/operation/getSearchableFieldInformation)" condition: $ref: "#/components/schemas/FilterConditionOperator" description: Condition for the search filter value: description: Value to match required: - condition - fieldIdentifier - fieldSource SearchRequestDto: type: object properties: filters: type: array description: Certificate filter input items: $ref: "#/components/schemas/SearchFilterRequestDto" itemsPerPage: type: integer format: int32 default: 10 description: Number of entries per page maximum: 1000 pageNumber: type: integer format: int32 default: 1 description: Page number for the request CryptographicKeyResponseDto: type: object properties: cryptographicKeys: type: array description: Cryptographic Keys items: $ref: "#/components/schemas/KeyItemDto" itemsPerPage: type: integer format: int32 description: Number of entries per page pageNumber: type: integer format: int32 description: Page number for the request totalPages: type: integer format: int32 description: Number of pages available totalItems: type: integer format: int64 description: Number of items available required: - cryptographicKeys - itemsPerPage - pageNumber - totalItems - totalPages KeyItemDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the Key creationTime: type: string format: date-time description: "Creation time of the Key. If the key is discovered from the\ \ connector, then it will be returned" keyWrapperUuid: type: string description: UUID of the wrapper object tokenProfileUuid: type: string description: UUID of the Token Profile tokenProfileName: type: string description: Name of the Token Profile tokenInstanceUuid: type: string description: Token Instance UUID tokenInstanceName: type: string description: Token Instance Name owner: type: string description: Owner of the Key ownerUuid: type: string description: UUID of the owner of the Key groups: type: array description: Groups associated to the Key items: $ref: "#/components/schemas/GroupDto" associations: type: integer format: int32 description: Number of associated objects keyReferenceUuid: type: string description: UUID of the key item in the Connector type: $ref: "#/components/schemas/KeyType" description: Type of the Key keyAlgorithm: $ref: "#/components/schemas/KeyAlgorithm" description: Key Algorithm format: $ref: "#/components/schemas/KeyFormat" description: Key Format length: type: integer format: int32 description: Key Length usage: type: array description: Key Usages items: $ref: "#/components/schemas/KeyUsage" enabled: type: boolean description: Boolean describing if the key is enabled or not state: $ref: "#/components/schemas/KeyState" description: Key State complianceStatus: $ref: "#/components/schemas/ComplianceStatus" description: Key compliance status required: - associations - complianceStatus - creationTime - enabled - format - keyAlgorithm - keyWrapperUuid - length - name - state - type - uuid CompromiseKeyRequestDto: type: object properties: reason: $ref: "#/components/schemas/KeyCompromiseReason" description: Usages for the Key uuids: type: array description: "List of UUIDs of the key Items. If not provided, the usage\ \ will be updated to all the itemsin the key" items: type: string format: uuid required: - reason EditKeyItemDto: type: object properties: name: type: string description: Name of the key item required: - name BulkCompromiseKeyItemRequestDto: type: object properties: reason: $ref: "#/components/schemas/KeyCompromiseReason" description: Usages for the Key uuids: type: array description: List of Key Item UUID items: type: string format: uuid required: - reason BulkCompromiseKeyRequestDto: type: object properties: reason: $ref: "#/components/schemas/KeyCompromiseReason" description: Usages for the Key uuids: type: array description: List of UUIDs of the keys. This will mark all the items inside the selected key as compromised items: type: string format: uuid required: - reason BaseAttributeDto: type: object description: Base Attribute definition oneOf: - $ref: "#/components/schemas/BaseAttributeDtoV2" - $ref: "#/components/schemas/BaseAttributeDtoV3" properties: name: type: string description: Name of the Attribute that is used for identification examples: - Attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" required: - name - type - uuid BaseAttributeDtoV2: description: Base Attribute definition discriminator: propertyName: type mapping: data: "#/components/schemas/DataAttributeV2" info: "#/components/schemas/InfoAttributeV2" group: "#/components/schemas/GroupAttributeV2" meta: "#/components/schemas/MetadataAttributeV2" custom: "#/components/schemas/CustomAttributeV2" oneOf: - $ref: "#/components/schemas/DataAttributeV2" - $ref: "#/components/schemas/InfoAttributeV2" - $ref: "#/components/schemas/GroupAttributeV2" - $ref: "#/components/schemas/MetadataAttributeV2" - $ref: "#/components/schemas/CustomAttributeV2" BaseAttributeDtoV3: type: object description: Base Attribute definition discriminator: propertyName: type mapping: data: "#/components/schemas/DataAttributeV3" info: "#/components/schemas/InfoAttributeV3" group: "#/components/schemas/GroupAttributeV3" meta: "#/components/schemas/MetadataAttributeV3" custom: "#/components/schemas/CustomAttributeV3" oneOf: - $ref: "#/components/schemas/DataAttributeV3" - $ref: "#/components/schemas/InfoAttributeV3" - $ref: "#/components/schemas/GroupAttributeV3" - $ref: "#/components/schemas/MetadataAttributeV3" - $ref: "#/components/schemas/CustomAttributeV3" required: - schemaVersion CustomAttributeProperties: type: object properties: label: type: string description: Friendly name of the the Attribute examples: - Attribute Name visible: type: boolean default: true description: "Boolean determining if the Attribute is visible and can be\ \ displayed, otherwise it should be hidden to the user." group: type: string description: "Group of the Attribute, used for the logical grouping of the\ \ Attribute" examples: - requiredAttributes required: type: boolean default: false description: "Boolean determining if the Attribute is required. If true,\ \ the Attribute must be provided." readOnly: type: boolean default: false description: "Boolean determining if the Attribute is read only. If true,\ \ the Attribute content cannot be changed." list: type: boolean default: false description: Boolean determining if the Attribute contains list of values in the content multiSelect: type: boolean default: false description: Boolean determining if the Attribute can have multiple values extensibleList: type: boolean default: false description: Boolean determining if a list Attribute can have values other than predefined options protectionLevel: $ref: "#/components/schemas/ProtectionLevel" default: none description: Protection level of the attribute content required: - extensibleList - label - list - multiSelect - readOnly - required - visible CustomAttributeV2: type: object description: Custom attribute allows to store and transfer dynamic data. Its content can be edited and send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/CustomAttributeProperties" description: Properties of the Attributes required: - contentType - name - properties - type - uuid - version CustomAttributeV3: type: object description: Custom attribute allows to store and transfer dynamic data. Its content can be edited and send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/CustomAttributeProperties" description: Properties of the Attributes schemaVersion: $ref: "#/components/schemas/AttributeVersion" description: Schema version of the Attribute required: - contentType - name - properties - schemaVersion - type - uuid - version DataAttributeV3: type: object description: Data attribute allows to store and transfer dynamic data. Its content can be edited and send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/DataAttributeProperties" description: Properties of the Attributes constraints: type: array description: Optional constraints used for validating the Attribute content items: $ref: "#/components/schemas/BaseAttributeConstraint" attributeCallback: $ref: "#/components/schemas/AttributeCallback" description: Optional definition of callback for getting the content of the Attribute based on the action schemaVersion: $ref: "#/components/schemas/AttributeVersion" description: Schema version of the Attribute required: - contentType - name - properties - schemaVersion - type - uuid - version GroupAttributeV2: type: object description: Group attribute and its content represents dynamic list of additional attributes retrieved by callback. Its content can not be edited and is not send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute content: type: array description: List of all different types of attributes items: $ref: "#/components/schemas/BaseAttributeDtoV2" type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute attributeCallback: $ref: "#/components/schemas/AttributeCallback" description: Optional definition of callback for getting the content of the Attribute based on the action required: - name - type - uuid - version GroupAttributeV3: type: object description: Group attribute and its content represents dynamic list of additional attributes retrieved by callback. Its content can not be edited and is not send in requests to store. properties: schemaVersion: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute example: 3 uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" content: type: array description: List of all different types of attributes items: $ref: "#/components/schemas/BaseAttributeDto" version: type: integer format: int32 type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute attributeCallback: $ref: "#/components/schemas/AttributeCallback" description: Optional definition of callback for getting the content of the Attribute based on the action required: - name - schemaVersion - type - uuid InfoAttributeProperties: type: object properties: label: type: string description: Friendly name of the the Attribute examples: - Attribute Name visible: type: boolean default: true description: "Boolean determining if the Attribute is visible and can be\ \ displayed, otherwise it should be hidden to the user." group: type: string description: "Group of the Attribute, used for the logical grouping of the\ \ Attribute" examples: - requiredAttributes required: - label - visible InfoAttributeV2: type: object description: Info attribute contains content that is for information purpose or represents additional information for object (metadata). Its content can not be edited and is not send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/InfoAttributeProperties" description: Properties of the Attributes required: - content - contentType - name - properties - type - uuid - version InfoAttributeV3: type: object description: Info attribute contains content that is for information purpose or represents additional information for object (metadata). Its content can not be edited and is not send in requests to store. properties: schemaVersion: $ref: "#/components/schemas/AttributeVersion" description: Version of the Attribute example: 3 uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" version: type: integer format: int32 type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/InfoAttributeProperties" description: Properties of the Attributes required: - content - contentType - name - properties - schemaVersion - type - uuid MetadataAttributeProperties: type: object properties: label: type: string description: Friendly name of the the Attribute examples: - Attribute Name visible: type: boolean default: true description: "Boolean determining if the Attribute is visible and can be\ \ displayed, otherwise it should be hidden to the user." group: type: string description: "Group of the Attribute, used for the logical grouping of the\ \ Attribute" examples: - requiredAttributes global: type: boolean default: false description: Boolean determining if the Metadata is a global metadata. overwrite: type: boolean default: false description: Boolean determining if the new metadata content should overwrite (replace) existing content instead of appending. protectionLevel: $ref: "#/components/schemas/ProtectionLevel" default: none description: Protection level of the attribute content required: - label - visible MetadataAttributeV2: type: object description: Info attribute contains content that is for metadata. Its content can not be edited and is not send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV2" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/MetadataAttributeProperties" description: Properties of the Attributes required: - contentType - name - properties - type - uuid - version MetadataAttributeV3: type: object description: Info attribute contains content that is for metadata. Its content can not be edited and is not send in requests to store. properties: uuid: type: string description: UUID of the Attribute for unique identification example: b11c9be1-b619-4ef5-be1b-a1cd9ef265b7 name: type: string description: Name of the Attribute that is used for identification examples: - Attribute description: type: string description: "Optional description of the Attribute, should contain helper\ \ text on what is expected" version: type: integer format: int32 description: Version of the attribute type: $ref: "#/components/schemas/AttributeType" description: Type of the Attribute content: type: array description: Content of the Attribute items: $ref: "#/components/schemas/BaseAttributeContentDtoV3" contentType: $ref: "#/components/schemas/AttributeContentType" description: Type of the Content properties: $ref: "#/components/schemas/MetadataAttributeProperties" description: Properties of the Attributes schemaVersion: $ref: "#/components/schemas/AttributeVersion" description: Schema version of the Attribute required: - contentType - name - properties - schemaVersion - type - uuid - version KeyEventHistoryDto: type: object properties: uuid: type: string description: UUID of the event keyUuid: type: string description: UUID of the Key created: type: string format: date-time description: Event creation time createdBy: type: string description: Created By event: type: string description: Event type enum: - Create Key - Compromised Key - Destroy Key - Update Key Usages - Sign Data - Verify Data - Encrypt Data - Decrypt Data - Enable Key - Disable Key status: type: string description: Event result enum: - SUCCESS - FAILED message: type: string description: Event message additionalInformation: type: object additionalProperties: {} description: Additional information for the event required: - created - createdBy - event - keyUuid - message - status - uuid FilterFieldType: type: string enum: - string - number - list - date - datetime - boolean PlatformEnum: type: string enum: - Resource - ResourceAction - FilterConditionOperator - FilterFieldType - FilterFieldSource - SettingsSection - AuthType - HealthStatus - ConnectorStatus - FunctionGroupCode - ConnectorVersion - ConnectorInterface - FeatureFlag - CertificateType - CertificateState - CertificateValidationStatus - CertificateFormat - CertificateFormatEncoding - CertificateValidationCheck - CertificateRevocationReason - CertificateRequestFormat - DiscoveryStatus - CertificateProtocol - CertificateSubjectType - CertificateKeyUsage - CertificateRelationType - OidCategory - KeyAlgorithm - KeyFormat - KeyState - KeyType - KeyUsage - KeyRequestType - KeyCompromiseReason - TokenInstanceStatus - DigestAlgorithm - RsaSignatureScheme - RsaEncryptionScheme - ComplianceStatus - ComplianceRuleStatus - AccountStatus - ProtectionMethod - CmpProfileVariant - AttributeType - AttributeContentType - AttributeConstraintType - AttributeValueTarget - ProgrammingLanguageEnum - AttributeVersion - ProtectionLevel - SchedulerJobExecutionStatus - RecipientType - TriggerType - ConditionType - ExecutionType - ResourceEvent - Module - ActorType - AuthMethod - Operation - OperationResult - ApprovalStatusEnum - SecretType - KeyStoreType - SecretState SearchFieldDataByGroupDto: type: object properties: filterFieldSource: $ref: "#/components/schemas/FilterFieldSource" description: Search group searchFieldData: type: array description: List of search fields for specified search group items: $ref: "#/components/schemas/SearchFieldDataDto" required: - filterFieldSource SearchFieldDataDto: type: object properties: fieldIdentifier: type: string description: Identifier of field to search fieldLabel: type: string description: Label for the field type: $ref: "#/components/schemas/FilterFieldType" description: Type of the field conditions: type: array description: List of available conditions for the field items: $ref: "#/components/schemas/FilterConditionOperator" platformEnum: $ref: "#/components/schemas/PlatformEnum" description: Platform enum of the field values attributeContentType: $ref: "#/components/schemas/AttributeContentType" description: Attribute filter field content type value: description: Available values for the field multiValue: type: boolean description: "Multivalue flag. true = yes, false = no" required: - conditions - fieldIdentifier - fieldLabel - type KeyDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name description: type: string description: Description of the Key creationTime: type: string format: date-time description: "Creation time of the Key. If the key is discovered from the\ \ connector, then it will be returned" tokenProfileUuid: type: string description: UUID of the Token Profile tokenProfileName: type: string description: Name of the Token Profile tokenInstanceUuid: type: string description: Token Instance UUID tokenInstanceName: type: string description: Token Instance Name owner: type: string description: Owner of the Key ownerUuid: type: string description: UUID of the owner of the Key groups: type: array description: Groups associated to the key items: $ref: "#/components/schemas/GroupDto" items: type: array description: Key Items items: $ref: "#/components/schemas/KeyItemDto" associations: type: integer format: int32 description: Number of associated objects complianceStatus: $ref: "#/components/schemas/ComplianceStatus" description: Key compliance status required: - associations - complianceStatus - creationTime - items - name - uuid securitySchemes: SessionAuth: type: apiKey description: Session-based authentication with session ID stored in 'czertainly-session' cookie name: czertainly-session in: cookie CertificateAuth: type: apiKey description: Base64 encoded X.509 certificate passed in header name: ssl-client-cert in: header BearerJWTAuth: type: http scheme: Bearer bearerFormat: JWT