openapi: 3.1.0 info: title: Citrix Secure Private Access API description: >- REST API for managing zero trust network access policies, applications, application domains, and certificates in Citrix Secure Private Access, providing secure access to internal web and SaaS applications. version: '1.0' contact: name: Citrix Support url: https://support.citrix.com/ termsOfService: https://developer.cloud.com/citrix-developer-terms-of-use externalDocs: description: Secure Private Access API Documentation url: https://developer-docs.citrix.com/en-us/secure-private-access/access-security/overview.html servers: - url: https://api.cloud.com/accessSecurity description: Citrix Cloud Production tags: - name: Access Policies description: Manage zero trust access policies - name: Application Domains description: Manage application domain configurations - name: Applications description: Manage SaaS and web applications - name: Certificates description: Manage application certificates security: - bearerAuth: [] paths: /applications: get: operationId: listApplications summary: Citrix List applications description: >- Retrieve all applications configured in Secure Private Access. tags: - Applications parameters: - $ref: '#/components/parameters/CitrixCustomerId' responses: '200': description: List of applications content: application/json: schema: type: object properties: items: type: array items: $ref: '#/components/schemas/Application' '401': description: Unauthorized post: operationId: createApplication summary: Citrix Create an application description: >- Create a new application configuration for secure private access. tags: - Applications parameters: - $ref: '#/components/parameters/CitrixCustomerId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/CreateApplicationRequest' responses: '201': description: Application created content: application/json: schema: $ref: '#/components/schemas/Application' '400': description: Invalid request '401': description: Unauthorized /applications/{applicationId}: get: operationId: getApplication summary: Citrix Get an application description: >- Retrieve details of a specific application. tags: - Applications parameters: - $ref: '#/components/parameters/CitrixCustomerId' - $ref: '#/components/parameters/applicationId' responses: '200': description: Application details content: application/json: schema: $ref: '#/components/schemas/Application' '401': description: Unauthorized '404': description: Application not found put: operationId: updateApplication summary: Citrix Update an application description: >- Update an existing application configuration. tags: - Applications parameters: - $ref: '#/components/parameters/CitrixCustomerId' - $ref: '#/components/parameters/applicationId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/UpdateApplicationRequest' responses: '200': description: Application updated '400': description: Invalid request '401': description: Unauthorized '404': description: Application not found delete: operationId: deleteApplication summary: Citrix Delete an application description: >- Delete an application configuration. tags: - Applications parameters: - $ref: '#/components/parameters/CitrixCustomerId' - $ref: '#/components/parameters/applicationId' responses: '204': description: Application deleted '401': description: Unauthorized '404': description: Application not found /policies: get: operationId: listAccessPolicies summary: Citrix List access policies description: >- Retrieve all access policies configured for secure private access. tags: - Access Policies parameters: - $ref: '#/components/parameters/CitrixCustomerId' responses: '200': description: List of access policies content: application/json: schema: type: object properties: items: type: array items: $ref: '#/components/schemas/AccessPolicy' '401': description: Unauthorized post: operationId: createAccessPolicy summary: Citrix Create an access policy description: >- Create a new zero trust access policy. tags: - Access Policies parameters: - $ref: '#/components/parameters/CitrixCustomerId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/CreateAccessPolicyRequest' responses: '201': description: Access policy created content: application/json: schema: $ref: '#/components/schemas/AccessPolicy' '400': description: Invalid request '401': description: Unauthorized /certificate: post: operationId: createCertificate summary: Citrix Upload a certificate description: >- Upload a new SSL certificate for use with applications. tags: - Certificates parameters: - $ref: '#/components/parameters/CitrixCustomerId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/CreateCertificateRequest' responses: '201': description: Certificate uploaded content: application/json: schema: $ref: '#/components/schemas/Certificate' '400': description: Invalid request '401': description: Unauthorized /application/{applicationId}/domain/{encodedURL}: get: operationId: getApplicationDomainCertificate summary: Citrix Get domain certificate for an application description: >- Retrieve the certificate associated with a specific application domain. tags: - Application Domains parameters: - $ref: '#/components/parameters/CitrixCustomerId' - $ref: '#/components/parameters/applicationId' - name: encodedURL in: path required: true description: URL-encoded domain name schema: type: string responses: '200': description: Certificate details for the domain content: application/json: schema: $ref: '#/components/schemas/Certificate' '401': description: Unauthorized '404': description: Domain or certificate not found put: operationId: associateDomainCertificate summary: Citrix Associate certificate with application domain description: >- Associate an SSL certificate with a specific application domain. tags: - Application Domains parameters: - $ref: '#/components/parameters/CitrixCustomerId' - $ref: '#/components/parameters/applicationId' - name: encodedURL in: path required: true description: URL-encoded domain name schema: type: string requestBody: required: true content: application/json: schema: type: object properties: certificateId: type: string description: ID of the certificate to associate responses: '200': description: Certificate associated '400': description: Invalid request '401': description: Unauthorized '404': description: Application or domain not found components: securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: OAuth 2.0 bearer token from Citrix Cloud authentication parameters: CitrixCustomerId: name: Citrix-CustomerId in: header required: true description: Citrix Cloud customer ID schema: type: string applicationId: name: applicationId in: path required: true description: Application unique identifier schema: type: string format: uuid schemas: Application: type: object properties: id: type: string format: uuid description: Unique identifier for the application name: type: string description: Application name description: type: string description: Application description url: type: string format: uri description: Application URL appType: type: string enum: - SaaS - Web description: Type of application enabled: type: boolean description: Whether the application is enabled domains: type: array items: type: string description: Associated domains CreateApplicationRequest: type: object required: - name - url - appType properties: name: type: string description: Application name description: type: string description: Application description url: type: string format: uri description: Application URL appType: type: string enum: - SaaS - Web description: Type of application UpdateApplicationRequest: type: object properties: name: type: string description: Updated application name description: type: string description: Updated description url: type: string format: uri description: Updated URL enabled: type: boolean description: Whether the application is enabled AccessPolicy: type: object properties: id: type: string format: uuid description: Policy unique identifier name: type: string description: Policy name description: type: string description: Policy description enabled: type: boolean description: Whether the policy is active priority: type: integer description: Policy evaluation priority conditions: type: object description: Policy conditions for matching actions: type: object description: Actions to apply when policy matches CreateAccessPolicyRequest: type: object required: - name properties: name: type: string description: Policy name description: type: string description: Policy description conditions: type: object description: Policy conditions actions: type: object description: Policy actions Certificate: type: object properties: id: type: string format: uuid description: Certificate unique identifier name: type: string description: Certificate name subject: type: string description: Certificate subject issuer: type: string description: Certificate issuer expirationDate: type: string format: date-time description: Certificate expiration date CreateCertificateRequest: type: object required: - name - certificate - privateKey properties: name: type: string description: Certificate name certificate: type: string description: PEM-encoded certificate privateKey: type: string description: PEM-encoded private key