openapi: 3.1.0 info: title: Uncategorized API description: Various uncategorized REST APIs of the platform contact: name: ILM url: https://www.otilm.com email: info@otilm.com license: name: MIT License url: https://github.com/CZERTAINLY/CZERTAINLY/blob/develop/LICENSE.md version: 2.17.0 x-logo: url: images/ilm-logo.svg externalDocs: description: ILM Documentation url: https://docs.otilm.com servers: - url: https://demo.czertainly.online/api description: CZERTAINLY Demo server tags: - name: CBOM management description: CBOM management API - name: Custom OID Management description: Custom OID Management API - name: Info description: CZERTAINLY Application Information API - name: Audit Log description: Audit Log API - name: Enums description: Enums API - name: Resource Management description: Resource Management API - name: Statistics/Dashboard description: Statistics/Dashboard API - name: Settings description: Settings API paths: /v1/settings/platform: get: tags: - Settings summary: Get platform settings operationId: getPlatformSettings responses: "200": description: Platform settings retrieved content: application/json: schema: $ref: "#/components/schemas/PlatformSettingsDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Settings summary: Update platform settings operationId: updatePlatformSettings requestBody: content: application/json: schema: $ref: "#/components/schemas/PlatformSettingsUpdateDto" required: true responses: "204": description: Setting updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/settings/logging: get: tags: - Settings summary: Get logging settings operationId: getLoggingSettings responses: "200": description: Logging settings retrieved content: application/json: schema: $ref: "#/components/schemas/LoggingSettingsDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Settings summary: Update logging settings operationId: updateLoggingSettings requestBody: content: application/json: schema: $ref: "#/components/schemas/LoggingSettingsDto" required: true responses: "200": description: Logging settings updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/settings/events: get: tags: - Settings summary: Get events settings operationId: getEventsSettings responses: "200": description: Notification settings retrieved content: application/json: schema: $ref: "#/components/schemas/EventsSettingsDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Settings summary: Update multiple events settings operationId: updateEventsSettings requestBody: content: application/json: schema: $ref: "#/components/schemas/EventsSettingsDto" required: true responses: "204": description: Setting updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] patch: tags: - Settings summary: Update single event settings operationId: updateEventSettings requestBody: content: application/json: schema: $ref: "#/components/schemas/EventSettingsDto" required: true responses: "204": description: Setting updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/settings/authentication: get: tags: - Settings summary: Get authentication settings operationId: getAuthenticationSettings responses: "200": description: Authentication settings retrieved content: application/json: schema: $ref: "#/components/schemas/AuthenticationSettingsDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Settings summary: Update authentication settings operationId: updateAuthenticationSettings requestBody: content: application/json: schema: $ref: "#/components/schemas/AuthenticationSettingsUpdateDto" required: true responses: "200": description: Authentication settings updated "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/settings/authentication/oauth2Providers/{providerName}: get: tags: - Settings summary: Get OAuth2 Provider settings operationId: getOAuth2ProviderSettings parameters: - name: providerName in: path description: OAuth2 Provider Name required: true schema: type: string responses: "200": description: OAuth2 Provider settings retrieved content: application/json: schema: $ref: "#/components/schemas/OAuth2ProviderSettingsResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Settings summary: Update OAuth2 Provider settings operationId: updateOAuth2ProviderSettings parameters: - name: providerName in: path description: OAuth2 Provider Name required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/OAuth2ProviderSettingsUpdateDto" required: true responses: "204": description: Setting updated "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Settings summary: Remove OAuth2 Provider operationId: removeOAuth2Provider parameters: - name: providerName in: path description: OAuth2 Provider Name required: true schema: type: string responses: "204": description: OAuth2 Provider removed. "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/oids/{oid}: get: tags: - Custom OID Management summary: Get custom OID entry by OID operationId: getCustomOidEntry parameters: - name: oid in: path description: OID identifier required: true schema: type: string responses: "200": description: Custom OID entry retrieved content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryDetailResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] put: tags: - Custom OID Management summary: Edit an existing custom OID entry operationId: editCustomOidEntry parameters: - name: oid in: path description: OID identifier required: true schema: type: string requestBody: content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryUpdateRequestDto" required: true responses: "200": description: Custom OID entry updated content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryDetailResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Custom OID Management summary: Delete a custom OID entry by OID operationId: deleteCustomOidEntry parameters: - name: oid in: path description: OID identifier required: true schema: type: string responses: "204": description: Custom OID entry deleted "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/oids: post: tags: - Custom OID Management summary: Create a new custom OID entry operationId: createCustomOidEntry requestBody: content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryRequestDto" required: true responses: "200": description: Custom OID entry created content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryDetailResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - Custom OID Management summary: Bulk delete customOID entries operationId: bulkDeleteCustomOidEntry requestBody: content: application/json: schema: type: array items: type: string required: true responses: "204": description: Custom OID entries deleted "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/oids/list: post: tags: - Custom OID Management summary: List custom OID entries with filtering and pagination operationId: listCustomOidEntries requestBody: content: application/json: schema: $ref: "#/components/schemas/SearchRequestDto" required: true responses: "200": description: Custom OID entries retrieved content: application/json: schema: $ref: "#/components/schemas/CustomOidEntryListResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms: post: tags: - CBOM management summary: List CBOMs operationId: listCboms requestBody: content: application/json: schema: $ref: "#/components/schemas/SearchRequestDto" required: true responses: "200": description: List of available CBOMs content: application/json: schema: $ref: "#/components/schemas/PaginationResponseDtoCbomDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - CBOM management summary: Delete multiple CBOM entries operationId: bulkDeleteCbom requestBody: content: application/json: schema: type: array items: type: string format: uuid required: true responses: "200": description: CBOM entries deleted content: application/json: schema: type: array items: $ref: "#/components/schemas/BulkActionMessageDto" "422": description: Unprocessable Entity content: application/json: schema: type: array items: type: string example: - Error Message 1 - Error Message 2 "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms/upload: post: tags: - CBOM management summary: Upload CBOM operationId: uploadCbom requestBody: content: application/json: schema: $ref: "#/components/schemas/CbomUploadRequestDto" required: true responses: "201": description: CBOM uploaded content: application/json: schema: $ref: "#/components/schemas/CbomDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms/sync: post: tags: - CBOM management summary: Sync CBOMs operationId: sync responses: "204": description: CBOMs synced "500": description: Internal Server Error "400": description: Bad Request content: '*/*': schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: '*/*': schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auditLogs: post: tags: - Audit Log summary: List Audit logs operationId: listAuditLogs requestBody: content: application/json: schema: $ref: "#/components/schemas/SearchRequestDto" required: true responses: "200": description: List of audit logs content: application/json: schema: $ref: "#/components/schemas/AuditLogResponseDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auditLogs/purge: post: tags: - Audit Log summary: Purge Audit logs operationId: purgeAuditLogs requestBody: content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFilterRequestDto" required: true responses: "204": description: Audit logs purged "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auditLogs/export: post: tags: - Audit Log summary: Export Audit logs operationId: exportAuditLogs requestBody: content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFilterRequestDto" required: true responses: "200": description: Export of audit logs content: application/json: schema: type: string format: binary "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/statistics: get: tags: - Statistics/Dashboard summary: Get Dashboard/Statistics Details operationId: getStatistics parameters: - name: includeArchived in: query description: Include archived certificates in the statistics required: false schema: type: boolean default: false responses: "200": description: Details retrieved content: application/json: schema: $ref: "#/components/schemas/StatisticsDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/resources: get: tags: - Resource Management summary: Retrieve list of resources with information and settings operationId: listResources responses: "200": description: Resources retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/ResourceDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/resources/{resource}/filters/rules: get: tags: - Resource Management summary: Retrieve filter fields that can be used for creating rule conditions and actions operationId: listResourceRuleFilterFields parameters: - name: resource in: path description: Resource required: true schema: $ref: "#/components/schemas/Resource" - name: settable in: query required: false schema: type: boolean responses: "200": description: Filter fields retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFieldDataByGroupDto" "404": description: Resource objects not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/resources/{resource}/events: get: tags: - Resource Management summary: Retrieve a list of all events that can be triggered by a resource operationId: listResourceEvents parameters: - name: resource in: path description: Resource required: true schema: $ref: "#/components/schemas/Resource" responses: "200": description: Events retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/ResourceEventDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/resources/events: get: tags: - Resource Management summary: Retrieve a list of all events that can be triggered by all resources description: "This endpoint returns a map of resource events, where the key\ \ is the event type and the value is a list of event details." operationId: listAllResourceEvents responses: "200": description: Events retrieved content: application/json: schema: type: object additionalProperties: type: array items: $ref: "#/components/schemas/ResourceEventDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/oids/search: get: tags: - Custom OID Management summary: Get searchable filter fields for custom OID entries operationId: getCustomOidEntrySearchableFields responses: "200": description: Searchable fields retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFieldDataByGroupDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/info: get: tags: - Info summary: Get information about running CZERTAINLY Application operationId: getInfo responses: "200": description: CZERTAINLY Application info retrieved content: application/json: schema: $ref: "#/components/schemas/CoreInfoResponseDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/health/readiness: get: tags: - Info summary: Health readiness check endpoint operationId: getHealthReadiness responses: "200": description: Health readiness checked content: application/json: schema: $ref: "#/components/schemas/ActuatorHealthDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "500": description: Internal Server Error security: [] /v1/health/liveness: get: tags: - Info summary: Health liveness check endpoint operationId: getHealthLiveness responses: "200": description: Health liveness checked content: application/json: schema: $ref: "#/components/schemas/ActuatorHealthDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "500": description: Internal Server Error security: [] /v1/enums: get: tags: - Enums summary: Get platform enums operationId: getPlatformEnums responses: "200": description: Platform settings retrieved content: application/json: schema: type: object additionalProperties: type: object additionalProperties: $ref: "#/components/schemas/EnumItemDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms/{uuid}: get: tags: - CBOM management summary: CBOM detail operationId: getCbomDetail parameters: - name: uuid in: path description: CBOM entry UUID required: true schema: type: string format: uuid responses: "200": description: CBOM details retrieved content: application/json: schema: $ref: "#/components/schemas/CbomDetailDto" "404": description: CBOM not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] delete: tags: - CBOM management summary: Delete CBOM entry operationId: deleteCbom parameters: - name: uuid in: path description: CBOM entry UUID required: true schema: type: string format: uuid responses: "204": description: CBOM entry deleted "404": description: CBOM entry not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms/{uuid}/versions: get: tags: - CBOM management summary: List CBOM versions operationId: listCbomVersions parameters: - name: uuid in: path description: CBOM entry UUID required: true schema: type: string format: uuid responses: "200": description: List of CBOM versions retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/CbomDto" "404": description: CBOM not found content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/cboms/search: get: tags: - CBOM management summary: Get Cbom searchable fields information operationId: getCbomSearchableFields responses: "200": description: Cbom searchable field information retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFieldDataByGroupDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] /v1/auditLogs/search: get: tags: - Audit Log summary: Get Audit logs searchable fields information operationId: getAuditLogSearchableFields responses: "200": description: Audit logs searchable field information retrieved content: application/json: schema: type: array items: $ref: "#/components/schemas/SearchFieldDataByGroupDto" "400": description: Bad Request content: application/json: schema: $ref: "#/components/schemas/ErrorMessageDto" "401": description: Unauthorized "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/AuthenticationServiceExceptionDto" "500": description: Internal Server Error security: - BearerJWTAuth: [] - CertificateAuth: [] - SessionAuth: [] components: schemas: CertificateSettingsUpdateDto: type: object properties: validation: $ref: "#/components/schemas/CertificateValidationSettingsUpdateDto" description: Settings of validation of certificates CertificateValidationSettingsUpdateDto: type: object properties: enabled: type: boolean default: true description: Indicator whether validation of certificates should be enabled frequency: type: integer format: int32 default: 1 description: Frequency of validation of certificates in days minimum: 1 expiringThreshold: type: integer format: int32 default: 30 description: How many days before expiration should certificate validation status change to Expiring minimum: 1 required: - enabled PlatformSettingsUpdateDto: type: object properties: utils: $ref: "#/components/schemas/UtilsSettingsDto" description: Utils settings of the platform certificates: $ref: "#/components/schemas/CertificateSettingsUpdateDto" description: Settings applicable to all certificates in inventory by default UtilsSettingsDto: type: object properties: utilsServiceUrl: type: string description: URL of the Util Service examples: - http://util-service:8080 cbomRepositoryUrl: type: string description: URL of the CBOM Repository examples: - http://cbom-repository:8080 ErrorMessageDto: type: object properties: message: type: string description: Error message detail examples: - Error message required: - message AuthenticationServiceExceptionDto: type: object properties: statusCode: type: integer format: int32 description: Status code of the HTTP Request code: type: string description: Code of the result message: type: string description: Exception message required: - code - message - statusCode AuditLoggingSettingsDto: type: object properties: logAllModules: type: boolean description: "Collect logs for all modules. If true, logged modules list\ \ is not taken into account only ignored modules" logAllResources: type: boolean description: "Collect logs for all resources. If true, logged resources\ \ list is not taken into account only ignored resources" loggedModules: type: array description: List of modules for which logs are collected. items: $ref: "#/components/schemas/Module" uniqueItems: true ignoredModules: type: array description: List of modules that will be ignored when logging. items: $ref: "#/components/schemas/Module" uniqueItems: true loggedResources: type: array description: List of resources for which logs are collected. items: $ref: "#/components/schemas/Resource" uniqueItems: true ignoredResources: type: array description: List of resources that will be ignored when logging. items: $ref: "#/components/schemas/Resource" uniqueItems: true output: type: string description: Type of audit logs output/storage channel enum: - NONE - ALL - CONSOLE - DATABASE verbose: type: boolean description: Additional data should be logged required: - logAllModules - logAllResources - output LoggingSettingsDto: type: object properties: auditLogs: $ref: "#/components/schemas/AuditLoggingSettingsDto" description: Settings of audit logging eventLogs: $ref: "#/components/schemas/ResourceLoggingSettingsDto" description: Settings of event logging required: - auditLogs - eventLogs Module: type: string enum: - approvals - auth - certificates - keys - compliance - core - discovery - entities - protocols - scheduler - secrets - workflows Resource: type: string enum: - NONE - ANY - dashboard - settings - auditLogs - credentials - connectors - attributes - jobs - users - roles - acmeAccounts - acmeProfiles - cboms - scepProfiles - cmpProfiles - authorities - raProfiles - certificates - certificateRequests - groups - complianceProfiles - discoveries - oids - entities - locations - tokenProfiles - tokens - keys - approvalProfiles - approvals - notificationProfiles - notificationInstances - rules - actions - triggers - resources - resourceEvents - searchFilters - keyItems - platformEnums - notifications - conditions - executions - complianceRules - complianceGroups - customAttributes - globalMetadata - acmeOrders - acmeAuthorizations - acmeChallenges - cmpTransactions - endEntityProfiles - authenticationProviders - vaults - vaultProfiles - secrets ResourceLoggingSettingsDto: type: object properties: logAllModules: type: boolean description: "Collect logs for all modules. If true, logged modules list\ \ is not taken into account only ignored modules" logAllResources: type: boolean description: "Collect logs for all resources. If true, logged resources\ \ list is not taken into account only ignored resources" loggedModules: type: array description: List of modules for which logs are collected. items: $ref: "#/components/schemas/Module" uniqueItems: true ignoredModules: type: array description: List of modules that will be ignored when logging. items: $ref: "#/components/schemas/Module" uniqueItems: true loggedResources: type: array description: List of resources for which logs are collected. items: $ref: "#/components/schemas/Resource" uniqueItems: true ignoredResources: type: array description: List of resources that will be ignored when logging. items: $ref: "#/components/schemas/Resource" uniqueItems: true required: - logAllModules - logAllResources EventsSettingsDto: type: object description: DTO representing settings of multiple events mapped by its enum properties: eventsMapping: type: object additionalProperties: type: array items: type: string format: uuid description: Map of triggers associated to event where key is resource event enum and value is list of trigger UUIDs propertyNames: $ref: "#/components/schemas/ResourceEvent" required: - eventsMapping ResourceEvent: type: string enum: - certificate_status_changed - certificate_action_performed - certificate_discovered - certificate_expiring - certificate_not_compliant - discovery_finished - approval_requested - approval_closed - scheduled_job_finished AuthenticationSettingsUpdateDto: type: object properties: disableLocalhostUser: type: boolean description: Disable using localhost user for requests from localhost oauth2Providers: type: array items: $ref: "#/components/schemas/OAuth2ProviderSettingsDto" required: - disableLocalhostUser OAuth2ProviderSettingsDto: type: object properties: name: type: string description: Name of OAuth2 Provider issuerUrl: type: string description: "URL of issuer issuing authentication tokens. If provided,\ \ authentication via JWT token is enabled for this provider." clientId: type: string description: The client ID used to identify the client application during the authorization process. clientSecret: type: string description: The client secret used by the client application to authenticate with the authorization server. authorizationUrl: type: string description: The URL where the authorization server redirects the user for login and authorization. tokenUrl: type: string description: The URl used to exchange the authorization code or credentials for an access token. jwkSetUrl: type: string description: The URL where the JSON Web Key Set (JWKS) containing the public keys used to verify JWT tokens can be retrieved. jwkSet: type: string description: "Base64 encoded JWK Set, provided in case JWK Set URL is not\ \ available" scope: type: array description: ' The list of scopes that define the access levels and permissions requested by the client application.' items: type: string logoutUrl: type: string description: URL to end session on provider side. postLogoutUrl: type: string description: URL that user will be redirected after logout from application. userInfoUrl: type: string description: The URL containing information about user. audiences: type: array description: "A list of expected audiences for validating the issued tokens,\ \ used to match the intended recipients of the tokens." items: type: string skew: type: integer format: int32 description: "The allowed time skew, in seconds, for token validation. This\ \ accounts for clock differences between systems. Default value is 30\ \ seconds." sessionMaxInactiveInterval: type: integer format: int32 default: 900 description: "Duration, in seconds, after which an inactive user's session\ \ will be terminated. Default value is 900 seconds." required: - name OAuth2ProviderSettingsUpdateDto: type: object properties: issuerUrl: type: string description: "URL of issuer issuing authentication tokens. If provided,\ \ authentication via JWT token is enabled for this provider." clientId: type: string description: The client ID used to identify the client application during the authorization process. clientSecret: type: string description: The client secret used by the client application to authenticate with the authorization server. authorizationUrl: type: string description: The URL where the authorization server redirects the user for login and authorization. tokenUrl: type: string description: The URl used to exchange the authorization code or credentials for an access token. jwkSetUrl: type: string description: The URL where the JSON Web Key Set (JWKS) containing the public keys used to verify JWT tokens can be retrieved. jwkSet: type: string description: "Base64 encoded JWK Set, provided in case JWK Set URL is not\ \ available" scope: type: array description: ' The list of scopes that define the access levels and permissions requested by the client application.' items: type: string logoutUrl: type: string description: URL to end session on provider side. postLogoutUrl: type: string description: URL that user will be redirected after logout from application. userInfoUrl: type: string description: The URL containing information about user. audiences: type: array description: "A list of expected audiences for validating the issued tokens,\ \ used to match the intended recipients of the tokens." items: type: string skew: type: integer format: int32 description: "The allowed time skew, in seconds, for token validation. This\ \ accounts for clock differences between systems. Default value is 30\ \ seconds." sessionMaxInactiveInterval: type: integer format: int32 default: 900 description: "Duration, in seconds, after which an inactive user's session\ \ will be terminated. Default value is 900 seconds." AdditionalOidPropertiesDto: description: Additional properties of custom OID entry CustomOidEntryUpdateRequestDto: type: object properties: displayName: type: string description: Display name of the custom OID entry minLength: 1 description: type: string description: Description of the custom OID entry category: $ref: "#/components/schemas/OidCategory" description: "Category of the OID entry. When updating OID entry, this property\ \ does not change the category and is instead used to determine type of\ \ additional properties." additionalProperties: description: Additional properties depending on OID category oneOf: - $ref: "#/components/schemas/RdnAttributeTypeOidPropertiesDto" required: - category - displayName OidCategory: type: string enum: - rdnAttributeType - extendedKeyUsage - generic RdnAttributeTypeOidPropertiesDto: allOf: - $ref: "#/components/schemas/AdditionalOidPropertiesDto" - type: object properties: code: type: string description: "Code to be displayed in RDN string (e.g., CN for Common\ \ Name)" minLength: 1 pattern: "^[A-Za-z][A-Za-z0-9-]*$" altCodes: type: array description: Alternative codes that can appear in RDN representing the same OID items: type: string minLength: 1 pattern: "^[A-Za-z][A-Za-z0-9-]*$" required: - code CustomOidEntryDetailResponseDto: type: object properties: oid: type: string description: Object Identifier (OID) in dot notation displayName: type: string description: Display name of the custom OID entry description: type: string description: Description of the custom OID entry category: $ref: "#/components/schemas/OidCategory" description: Category of the custom OID entry additionalProperties: description: Additional properties depending on the OID category oneOf: - $ref: "#/components/schemas/RdnAttributeTypeOidPropertiesDto" required: - category - displayName - oid CustomOidEntryRequestDto: type: object properties: displayName: type: string description: Display name of the custom OID entry minLength: 1 description: type: string description: Description of the custom OID entry category: $ref: "#/components/schemas/OidCategory" description: "Category of the OID entry. When updating OID entry, this property\ \ does not change the category and is instead used to determine type of\ \ additional properties." additionalProperties: description: Additional properties depending on OID category oneOf: - $ref: "#/components/schemas/RdnAttributeTypeOidPropertiesDto" oid: type: string description: "Object Identifier (OID) in dot notation (e.g., 1.2.840.113549.1.1.1)" example: 1.2.840.113549.1.1.1 minLength: 1 pattern: "^[0-2](\\.(0|[1-9]\\d*)){1,50}$" required: - category - displayName - oid FilterConditionOperator: type: string enum: - EQUALS - NOT_EQUALS - GREATER - GREATER_OR_EQUAL - LESSER - LESSER_OR_EQUAL - CONTAINS - NOT_CONTAINS - STARTS_WITH - ENDS_WITH - EMPTY - NOT_EMPTY - IN_NEXT - IN_PAST - MATCHES - NOT_MATCHES - COUNT_EQUAL - COUNT_NOT_EQUAL - COUNT_GREATER_THAN - COUNT_LESS_THAN FilterFieldSource: type: string enum: - meta - custom - data - property SearchFilterRequestDto: type: object properties: fieldSource: $ref: "#/components/schemas/FilterFieldSource" description: Field group of search filter fieldIdentifier: type: string description: "Field identifier of search filter. List of available fields\ \ with their identifiers can be retrieved from corresponding endpoint\ \ `GET /v1/{resource}/search`, e.g.: [**GET /v1/certificates/search**](../core-certificate/#tag/Certificate-Inventory/operation/getSearchableFieldInformation)" condition: $ref: "#/components/schemas/FilterConditionOperator" description: Condition for the search filter value: description: Value to match required: - condition - fieldIdentifier - fieldSource SearchRequestDto: type: object properties: filters: type: array description: Certificate filter input items: $ref: "#/components/schemas/SearchFilterRequestDto" itemsPerPage: type: integer format: int32 default: 10 description: Number of entries per page maximum: 1000 pageNumber: type: integer format: int32 default: 1 description: Page number for the request CustomOidEntryListResponseDto: type: object properties: itemsPerPage: type: integer format: int32 description: Number of entries per page pageNumber: type: integer format: int32 description: Page number for the request totalPages: type: integer format: int32 description: Number of pages available totalItems: type: integer format: int64 description: Number of items available oidEntries: type: array description: List of custom OID entries items: $ref: "#/components/schemas/CustomOidEntryResponseDto" required: - itemsPerPage - pageNumber - totalItems - totalPages CustomOidEntryResponseDto: type: object properties: oid: type: string description: Object Identifier (OID) in dot notation displayName: type: string description: Display name of the custom OID entry description: type: string description: Description of the custom OID entry category: $ref: "#/components/schemas/OidCategory" description: Category of the custom OID entry required: - category - displayName - oid CbomDto: type: object properties: uuid: type: string format: uuid description: UUID of a CBOM record createdAt: type: string format: date-time description: Creation timestamp of CBOM database record serialNumber: type: string description: CBOM serial number (URN) version: type: integer format: int32 description: CBOM version specVersion: type: string description: CBOM spec version timestamp: type: string format: date-time description: A timestamp from CBOM metadata source: type: string description: "CBOM source (e.g.: CBOM-Lens)" algorithms: type: integer format: int32 description: Number of algorithms certificates: type: integer format: int32 description: Number of certificates protocols: type: integer format: int32 description: Number of protocols cryptoMaterial: type: integer format: int32 description: Number of crypto material items totalAssets: type: integer format: int32 description: Total number of assets required: - algorithms - certificates - createdAt - cryptoMaterial - protocols - serialNumber - source - specVersion - timestamp - totalAssets - uuid - version PaginationResponseDtoCbomDto: type: object properties: items: type: array description: Items returned items: $ref: "#/components/schemas/CbomDto" itemsPerPage: type: integer format: int32 description: Number of entries per page pageNumber: type: integer format: int32 description: Page number for the request totalPages: type: integer format: int32 description: Number of pages available totalItems: type: integer format: int64 description: Number of items available required: - items - itemsPerPage - pageNumber - totalItems - totalPages CbomUploadRequestDto: type: object properties: content: type: object additionalProperties: {} description: Raw JSON content of CBOM document required: - content ActorRecord: type: object properties: type: $ref: "#/components/schemas/ActorType" authMethod: $ref: "#/components/schemas/AuthMethod" uuid: type: string format: uuid name: type: string required: - authMethod - type ActorType: type: string enum: - anonymous - core - user - connector - protocol AuditLogDto: type: object properties: id: type: integer format: int64 description: Audit log Id version: type: string description: Log schema version loggedAt: type: string format: date-time description: Time when the audit log is stored timestamp: type: string format: date-time description: Time when the audit log has been created module: $ref: "#/components/schemas/Module" description: Module of platform where log occurred actor: $ref: "#/components/schemas/ActorRecord" description: Actor of log record source: $ref: "#/components/schemas/SourceRecord" description: Source of log record resource: $ref: "#/components/schemas/ResourceRecord" description: Resource that is subject of action logged affiliatedResource: $ref: "#/components/schemas/ResourceRecord" description: Affiliated resource that is related to subject resource operation: $ref: "#/components/schemas/Operation" description: Resource operation that is being logged operationResult: $ref: "#/components/schemas/OperationResult" description: Result of the resource operation. Either success or failed message: type: string description: Additional message operationData: description: Structured data dependent on resource and its operation additionalData: type: object additionalProperties: {} description: Additional data specific to event logged required: - actor - id - loggedAt - module - operation - operationResult - resource - timestamp - version AuditLogResponseDto: type: object properties: itemsPerPage: type: integer format: int32 description: Number of entries per page pageNumber: type: integer format: int32 description: Page number for the request totalPages: type: integer format: int32 description: Number of pages available totalItems: type: integer format: int64 description: Number of items available items: type: array description: Audit log items items: $ref: "#/components/schemas/AuditLogDto" required: - items - itemsPerPage - pageNumber - totalItems - totalPages AuthMethod: type: string enum: - none - certificate - token - session - apiKey - userProxy Operation: type: string enum: - unknown - list - detail - create - update - delete - forceDelete - add - remove - request - register - enable - disable - activate - deactivate - listAssociations - associate - disassociate - history - summary - listRules - getComplianceResult - checkCompliance - checkValidation - issue - renew - rekey - revoke - export - getStatus - getContent - getChain - download - downloadChain - getProtocolInfo - listProtocolCertificates - updateProtocolIssueProfile - activateProtocol - deactivateProtocol - acmeDirectory - acmeNonce - acmeKeyRollover - acmeValidate - acmeFinalize - scepCaCapabilities - scepCertificatePoll - scepTransactionCheck - cmpConfirm - upload - sync - compromise - destroy - updateKeyUsage - encrypt - decrypt - sign - verify - randomData - pushToLocation - removeFromLocation - issueInLocation - renewInLocation - connect - reconnect - checkHealth - getConnectorInfo - statistics - approve - approveOverride - reject - rejectOverride - login - logout - authentication - getUserProfile - updateUserProfile - identify - markAsRead - getPermissions - getObjectPermissions - updatePermissions - updateObjectPermissions - schedule - listAttributes - validateAttributes - attributeCallback - updateAttributeResources - updateAttributeContent - deleteAttributeContent - promoteMetadata - archive - unarchive - getAssociations - listVersions - listCertificateProfiles - listCas OperationResult: type: string enum: - success - failure ResourceObjectIdentity: type: object properties: name: type: string uuid: type: string format: uuid ResourceRecord: type: object properties: type: $ref: "#/components/schemas/Resource" objects: type: array items: $ref: "#/components/schemas/ResourceObjectIdentity" required: - type SourceRecord: type: object properties: method: type: string path: type: string contentType: type: string ipAddress: type: string userAgent: type: string required: - method - path EventSettingsDto: type: object description: DTO representing settings of single event properties: event: $ref: "#/components/schemas/ResourceEvent" description: Resource event triggerUuids: type: array description: List of triggers associated with event items: type: string format: uuid required: - event - triggerUuids StatisticsDto: type: object properties: totalCertificates: type: integer format: int64 description: Number Certificates available totalGroups: type: integer format: int64 description: Number of Groups totalDiscoveries: type: integer format: int64 description: Number of Discoveries triggered totalConnectors: type: integer format: int64 description: Number of Connectors added totalRaProfiles: type: integer format: int64 description: Number of RA Profiles in the platform totalCredentials: type: integer format: int64 description: Number of Credentials totalAuthorities: type: integer format: int64 description: Number of Authority instances totalAdministrators: type: integer format: int64 description: Number of Administrators totalClients: type: integer format: int64 description: Number of Clients added groupStatByCertificateCount: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by Group raProfileStatByCertificateCount: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by RA Profile certificateStatByType: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by Type certificateStatByExpiry: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by expiry date certificateStatByKeySize: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by key size certificateStatBySubjectType: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by subject type certificateStatByState: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by state certificateStatByValidationStatus: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by validationStatus certificateStatByComplianceStatus: type: object additionalProperties: type: integer format: int64 description: Map of Certificate count by compliance status totalSecrets: type: integer format: int64 description: Number of Secrets totalVaultInstances: type: integer format: int64 description: Number of Vault Instances totalVaultProfiles: type: integer format: int64 description: Number of Vault Profiles secretStatByType: type: object additionalProperties: type: integer format: int64 description: Map of Secret count by type secretStatByState: type: object additionalProperties: type: integer format: int64 description: Map of Secret count by state secretStatByComplianceStatus: type: object additionalProperties: type: integer format: int64 description: Map of Secret count by compliance status secretStatByVaultProfile: type: object additionalProperties: type: integer format: int64 description: Map of Secret count by vault profile secretStatByGroup: type: object additionalProperties: type: integer format: int64 description: Map of Secret count by group connectorStatByStatus: type: object additionalProperties: type: integer format: int64 description: Map of Connector count by status raProfileStatByStatus: type: object additionalProperties: type: integer format: int64 description: Map of RA Profile count by status administratorStatByStatus: type: object additionalProperties: type: integer format: int64 description: Map of Administrator count by status clientStatByStatus: type: object additionalProperties: type: integer format: int64 description: Map of Client count by status CertificateSettingsDto: type: object properties: validation: $ref: "#/components/schemas/CertificateValidationSettingsDto" CertificateValidationSettingsDto: type: object properties: enabled: type: boolean description: Indicator whether validation of certificates should be enabled frequency: type: integer format: int32 description: Frequency of validation of certificates in days minimum: 1 expiringThreshold: type: integer format: int32 description: How many days before expiration should certificate validation status change to Expiring minimum: 1 required: - enabled PlatformSettingsDto: type: object properties: utils: $ref: "#/components/schemas/UtilsSettingsDto" description: Utils settings of the platform certificates: $ref: "#/components/schemas/CertificateSettingsDto" description: Settings applicable to all certificates in inventory by default AuthenticationSettingsDto: type: object properties: disableLocalhostUser: type: boolean description: Disable using localhost user for requests from localhost oauth2Providers: type: object additionalProperties: $ref: "#/components/schemas/OAuth2ProviderSettingsDto" required: - disableLocalhostUser JwkDto: type: object properties: kid: type: string description: The key ID parameter used to match a specific key in provider publicKey: type: string description: Base64 encoded value of public key keyType: type: string description: "The cryptographic algorithm family used with the key, such\ \ as \"RSA\" or \"EC\"" algorithm: type: string description: The algorithm intended for use with the key use: type: string description: The intended use of the public key required: - kid - publicKey OAuth2ProviderSettingsResponseDto: type: object properties: issuerUrl: type: string description: "URL of issuer issuing authentication tokens. If provided,\ \ authentication via JWT token is enabled for this provider." clientId: type: string description: The client ID used to identify the client application during the authorization process. clientSecret: type: string description: The client secret used by the client application to authenticate with the authorization server. authorizationUrl: type: string description: The URL where the authorization server redirects the user for login and authorization. tokenUrl: type: string description: The URl used to exchange the authorization code or credentials for an access token. jwkSetUrl: type: string description: The URL where the JSON Web Key Set (JWKS) containing the public keys used to verify JWT tokens can be retrieved. jwkSet: type: string description: "Base64 encoded JWK Set, provided in case JWK Set URL is not\ \ available" scope: type: array description: ' The list of scopes that define the access levels and permissions requested by the client application.' items: type: string logoutUrl: type: string description: URL to end session on provider side. postLogoutUrl: type: string description: URL that user will be redirected after logout from application. userInfoUrl: type: string description: The URL containing information about user. audiences: type: array description: "A list of expected audiences for validating the issued tokens,\ \ used to match the intended recipients of the tokens." items: type: string skew: type: integer format: int32 description: "The allowed time skew, in seconds, for token validation. This\ \ accounts for clock differences between systems. Default value is 30\ \ seconds." sessionMaxInactiveInterval: type: integer format: int32 default: 900 description: "Duration, in seconds, after which an inactive user's session\ \ will be terminated. Default value is 900 seconds." name: type: string description: Name of OAuth2 Provider jwkSetKeys: type: array description: List of public keys used by the provider items: $ref: "#/components/schemas/JwkDto" required: - jwkSetKeys - name ResourceDto: type: object properties: resource: $ref: "#/components/schemas/Resource" description: Resource code examples: - certificates hasObjectAccess: type: boolean description: "If resource has Object access permissions. True = Yes, False\ \ = No" hasCustomAttributes: type: boolean description: Support assigning custom attributes to resource objects hasGroups: type: boolean description: Support assigning groups to resource objects hasOwner: type: boolean description: Support assigning owner to resource objects hasEvents: type: boolean description: Has events that can be used in triggers hasRuleEvaluator: type: boolean description: Has rule evaluator that can evaluate conditions and actions complianceSubject: type: boolean description: Is resource subject of compliance check and can compliance be run on objects of this resource hasComplianceProfiles: type: boolean description: Can compliance profiles be assigned to objects of this resource required: - complianceSubject - hasComplianceProfiles - hasCustomAttributes - hasEvents - hasGroups - hasObjectAccess - hasOwner - hasRuleEvaluator - resource AttributeContentType: type: string enum: - string - text - integer - boolean - float - date - time - datetime - secret - file - credential - codeblock - object - resource FilterFieldType: type: string enum: - string - number - list - date - datetime - boolean PlatformEnum: type: string enum: - Resource - ResourceAction - FilterConditionOperator - FilterFieldType - FilterFieldSource - SettingsSection - AuthType - HealthStatus - ConnectorStatus - FunctionGroupCode - ConnectorVersion - ConnectorInterface - FeatureFlag - CertificateType - CertificateState - CertificateValidationStatus - CertificateFormat - CertificateFormatEncoding - CertificateValidationCheck - CertificateRevocationReason - CertificateRequestFormat - DiscoveryStatus - CertificateProtocol - CertificateSubjectType - CertificateKeyUsage - CertificateRelationType - OidCategory - KeyAlgorithm - KeyFormat - KeyState - KeyType - KeyUsage - KeyRequestType - KeyCompromiseReason - TokenInstanceStatus - DigestAlgorithm - RsaSignatureScheme - RsaEncryptionScheme - ComplianceStatus - ComplianceRuleStatus - AccountStatus - ProtectionMethod - CmpProfileVariant - AttributeType - AttributeContentType - AttributeConstraintType - AttributeValueTarget - ProgrammingLanguageEnum - AttributeVersion - ProtectionLevel - SchedulerJobExecutionStatus - RecipientType - TriggerType - ConditionType - ExecutionType - ResourceEvent - Module - ActorType - AuthMethod - Operation - OperationResult - ApprovalStatusEnum - SecretType - KeyStoreType - SecretState SearchFieldDataByGroupDto: type: object properties: filterFieldSource: $ref: "#/components/schemas/FilterFieldSource" description: Search group searchFieldData: type: array description: List of search fields for specified search group items: $ref: "#/components/schemas/SearchFieldDataDto" required: - filterFieldSource SearchFieldDataDto: type: object properties: fieldIdentifier: type: string description: Identifier of field to search fieldLabel: type: string description: Label for the field type: $ref: "#/components/schemas/FilterFieldType" description: Type of the field conditions: type: array description: List of available conditions for the field items: $ref: "#/components/schemas/FilterConditionOperator" platformEnum: $ref: "#/components/schemas/PlatformEnum" description: Platform enum of the field values attributeContentType: $ref: "#/components/schemas/AttributeContentType" description: Attribute filter field content type value: description: Available values for the field multiValue: type: boolean description: "Multivalue flag. true = yes, false = no" required: - conditions - fieldIdentifier - fieldLabel - type ResourceEventDto: type: object properties: event: $ref: "#/components/schemas/ResourceEvent" description: Resource event code examples: - discoveryFinished producedResource: $ref: "#/components/schemas/Resource" description: Resource of objects that are subject of event required: - event AppInfoDto: type: object properties: name: type: string description: CZERTAINLY Application name version: type: string description: CZERTAINLY Core version required: - name - version BuildInfoDto: type: object properties: timestamp: type: string format: date-time description: App build timestamp example: 2024-06-01T12:00:00Z branch: type: string description: Git branch name example: main commitId: type: string description: Abbreviated ID of the commit example: a1b2c3d required: - timestamp CoreInfoResponseDto: type: object properties: app: $ref: "#/components/schemas/AppInfoDto" description: ILM Application information build: $ref: "#/components/schemas/BuildInfoDto" description: ILM Application build information. May be omitted depending on deployment configuration db: $ref: "#/components/schemas/DatabaseInfoDto" description: Database information required: - app - db DatabaseInfoDto: type: object properties: system: type: string description: Database system product name version: type: string description: Database product version required: - system - version ActuatorHealthDto: type: object properties: status: type: string description: Status of the application health enum: - UNKNOWN - UP - DOWN - OUT_OF_SERVICE required: - status EnumItemDto: type: object properties: code: type: string description: Enum item code examples: - X509 label: type: string description: Enum item display label examples: - X.509 description: type: string description: Enum item description examples: - X.509 Certificate type required: - code - label CbomDetailDto: type: object properties: uuid: type: string format: uuid description: UUID of a CBOM record createdAt: type: string format: date-time description: Creation timestamp of CBOM database record serialNumber: type: string description: CBOM serial number (URN) version: type: integer format: int32 description: CBOM version specVersion: type: string description: CBOM spec version timestamp: type: string format: date-time description: A timestamp from CBOM metadata source: type: string description: "CBOM source (e.g.: CBOM-Lens)" algorithms: type: integer format: int32 description: Number of algorithms certificates: type: integer format: int32 description: Number of certificates protocols: type: integer format: int32 description: Number of protocols cryptoMaterial: type: integer format: int32 description: Number of crypto material items totalAssets: type: integer format: int32 description: Total number of assets content: type: object additionalProperties: {} description: Raw JSON content of CBOM document required: - algorithms - certificates - content - createdAt - cryptoMaterial - protocols - serialNumber - source - specVersion - timestamp - totalAssets - uuid - version BulkActionMessageDto: type: object properties: uuid: type: string description: Object identifier examples: - 7b55ge1c-844f-11dc-a8a3-0242ac120002 name: type: string description: Object Name examples: - Name message: type: string description: Message describing the associations of the Objects which is preventing the bulk operation examples: - Object is associated with other items required: - message - name - uuid securitySchemes: SessionAuth: type: apiKey description: Session-based authentication with session ID stored in 'czertainly-session' cookie name: czertainly-session in: cookie CertificateAuth: type: apiKey description: Base64 encoded X.509 certificate passed in header name: ssl-client-cert in: header BearerJWTAuth: type: http scheme: Bearer bearerFormat: JWT